Malicious domains, IPs, IPFS hashes, or IPNS names
vegapoly.xyz
kickpoly.com
Please explain why this content is malicious
These websites impersonate Polymarket by using similar branding and user flows to mislead visitors. The sites solicit users' email addresses and present a Magic.link login prompt resembling the legitimate Polymarket authentication flow, creating the impression that users are signing in to Polymarket.
After an email address is submitted, the sites return a generic error rather than providing the advertised functionality, suggesting that the primary purpose is to collect user information rather than deliver a legitimate service.
The two domains exhibit highly similar branding, behavior, and user flows, indicating they may be operated by the same entity. Both appear to be AI-generated websites and use the same domain registrar/provider ("Trustname") which ignores abuse reports and makes it nearly impossible to file a report.
We believe these sites are part of a phishing campaign intended to deceive Polymarket users into revealing authentication credentials or one-time login codes, which could enable unauthorized access to user accounts and the theft of funds.
We recommend that these domains be investigated and, if confirmed to be malicious, added to MetaMask's phishing blocklist.
Is this a duplicate request?
Malicious domains, IPs, IPFS hashes, or IPNS names
vegapoly.xyz
kickpoly.com
Please explain why this content is malicious
These websites impersonate Polymarket by using similar branding and user flows to mislead visitors. The sites solicit users' email addresses and present a Magic.link login prompt resembling the legitimate Polymarket authentication flow, creating the impression that users are signing in to Polymarket.
After an email address is submitted, the sites return a generic error rather than providing the advertised functionality, suggesting that the primary purpose is to collect user information rather than deliver a legitimate service.
The two domains exhibit highly similar branding, behavior, and user flows, indicating they may be operated by the same entity. Both appear to be AI-generated websites and use the same domain registrar/provider ("Trustname") which ignores abuse reports and makes it nearly impossible to file a report.
We believe these sites are part of a phishing campaign intended to deceive Polymarket users into revealing authentication credentials or one-time login codes, which could enable unauthorized access to user accounts and the theft of funds.
We recommend that these domains be investigated and, if confirmed to be malicious, added to MetaMask's phishing blocklist.
Is this a duplicate request?