PANews reported on February 7 that according to a report by Hong Kong media Wen Wei Po, the network security report shows that there are currently 2,650 websites and phishing websites impersonating DeepSeek, and they are still increasing rapidly. Users need to be highly vigilant. The use of these counterfeit domain names is mainly for phishing fraud, domain name registration, and traffic guidance. Phishing fraud mainly steals user login credentials, misleads users with similar domain names and interfaces, and tricks users into buying virtual assets. Statistics show that large-scale counterfeit DeepSeek domain name registration activities started on January 26, 2025 and peaked on January 28. Although the increase has decreased since then, the number is still increasing.

In addition, 60% of these counterfeit domain names resolve to IP addresses in the United States. The scammers also launched various so-called "DeepSeek-enabled" air coins (virtual currencies with no real value) with high-end functions, and even websites claiming that users can buy DeepSeek's original shares, which may cause huge financial losses to users.