Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams

Description

Researchers have identified numerous fake DeepSeek websites being used for malicious purposes, including credential phishing, cryptocurrency theft, and various scams. Over 50 active sites and thousands of potentially malicious domains have been observed. These fake sites range from obvious imitations to sophisticated replicas that are difficult to distinguish from the legitimate DeepSeek website. Some sites aim to collect personal information or distribute malware disguised as DeepSeek apps. The campaign appears to be evolving in real-time, with new sites emerging rapidly to replace those that are shut down. Cybersecurity experts warn that this may be a coordinated attack campaign, exploiting the window of opportunity before traditional takedown systems can respond.