Suspicious
Phishings targeting MetaMask
Suspicious and active websites
Phishings targeting Metamask
Suspicious and active websites
Active
23
New (7d)
3
Trend (7d)
↑50%
- Countries
United States 
Germany 
The Netherlands
Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.
| Last check (UTC) | First seen (UTC) ▾ | URL | Screenshot | Flags | Details |
|---|---|---|---|---|---|
| 2026-06-04 01:30 | 2026-06-04 01:01 |  |
GSB OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-06-03 13:00 |  |
GSB OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-28 01:01 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-21 01:01 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-21 01:01 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-14 15:41 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-13 09:07 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-12 10:30 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-09 01:03 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-09 01:02 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-06 13:04 |  |
GSB OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-05-06 13:04 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-27 13:02 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-27 01:00 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-25 01:01 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-04-24 01:01 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-24 01:01 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-21 08:01 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-04-15 13:05 |  |
OpenPhish | Details | |
| 2026-06-04 01:30 | 2026-04-11 23:42 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-04-04 13:02 |  |
OpenPhish urlscan | Details | |
| 2026-06-04 01:30 | 2026-03-29 15:04 |  |
urlscan | Details | |
| 2026-06-04 01:30 | 2026-03-27 01:01 |  |
OpenPhish | Details |
Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.
| URL | Screenshot | Details |
|---|---|---|
| https://metamask-scam.blogspo…
GSB OpenPhish |
|
Details |
| http://metamask-scam.blogspot…
GSB OpenPhish urlscan |
|
Details |
| https://metamask-docs-git-dep…
OpenPhish urlscan |
|
Details |
| http://metamaskwallet.to
OpenPhish urlscan |
|
Details |
| https://h5.metamaskvip.top
OpenPhish urlscan |
|
Details |
| https://metamask-transaction.…
urlscan |
|
Details |
| https://metamaskcasino.de
urlscan |
|
Details |
| https://download.metamaskwall…
urlscan |
|
Details |
| http://metamask-docs-p13jojaa…
OpenPhish urlscan |
|
Details |
| http://metamask-docs-p13jojaa…
OpenPhish urlscan |
|
Details |
| http://help-metamaskio-docs.t…
GSB OpenPhish urlscan |
|
Details |
| http://metamask-launchpad.ver…
OpenPhish |
|
Details |
| http://metamask-wallet.vercel…
OpenPhish |
|
Details |
| https://metamaskchromeextensi…
OpenPhish |
|
Details |
| https://metamaskwallett.blogs…
OpenPhish urlscan |
|
Details |
| https://metamask-dev-dashboar…
OpenPhish |
|
Details |
| https://metamask-dev-dashboar…
OpenPhish |
|
Details |
| https://metamaskcasino.de.com
urlscan |
|
Details |
| http://metamaskwallett.blogsp…
OpenPhish |
|
Details |
| https://metamaskrewards.com
urlscan |
|
Details |
| http://metamaskloginu.blogspo…
OpenPhish urlscan |
|
Details |
| https://metamaskuks.vip
urlscan |
|
Details |
| http://metamaskchromeextensio…
OpenPhish |
|
Details |
AIHow to verify a real MetaMask URL
- Legitimate MetaMask URLs always end in
metamask.io(e.g.www.metamask.io,account.metamask.io). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like.xyz/.top/.vip— is not MetaMask. - The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
- If you got the link from email, SMS, or social media, do not click it. Open
metamask.iofrom your browser bookmark or type the domain manually. - Real MetaMask pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.