Is this what you expected to find at the URL you just clicked?


Domain Doppelganger (aka Lookalike domains) are URLs that look similar to a trusted URL, but have subtle differences. Doppelganger domains are used to trick users into visiting a malicious website or clicking on an untrustworthy link simply by changing a few key characters in the domain name.

For example

  • Did the URL you clicked replace an O with a 0 (zero)?
  • Is there a special character, like a . or a – missing?
  • Is there a 1 instead of a lowercase-L?

These can be very tricky to spot, but they’re almost always malicious!


  • Best Option Don’t click that link! Go to the website directly for by typing it in rather than click the link!
  • Always hover over the URL before clicking, and inspect closely!
  • Use Email Tagging to help identify legitimate emails
  • Set your mail servers to require SPF and DMARC (not 100% effective)

This is a very low-tech attack that anyone can use to trick you into going to a malicious website. All it takes is a cheap domain name and a web host!


Share This