It’s Look-Alike Day: While Doppelganger Humans Can Be Funny, Domains Are Not



On April 20, we celebrate National Look-Alike Day. It’s the perfect time to see which people have features similar to yours, instead of that completely normal person you bumped into at the supermarket. As for me, I think I look similar to producer and director Randy Barbato! Do you see the similarities?



While it’s fun to compare apples to oranges, it is important to see how this holiday can tie into look-alike domains. Cybercriminals do their due diligence to identify external individuals and, in turn, use similar-looking domains and social engineering skills to make it seem like communication is from the actual person.

To illustrate this threat with real examples, last year security vendor Agari found that 23%, or nearly 1 in 4, business email compromise attacks are sent from a lookalike domain registered by the attackers. Three years ago, the threat actors behind Nemty ransomware created a PayPal phishing site that was made to look like PayPal’s legitimate domain with the use of Unicode characters from different alphabets. A few years back, the homograph domain “ɢoogle.com” was purchased and, in turn, used in phishing campaigns. Threatpost researcher Avi Lumelsky found that it’s really not that hard to set up a convincing-looking Google phishing website from scratch.
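The two homograph cases above behave differently under detection, which the following added example shows (it is not code from this post or from any vendor tool). The confusables table and the PayPal sample string are constructed assumptions; a production check would load the full Unicode confusables data.

```python
import unicodedata

# Constructed, deliberately small confusables table (assumption): a real
# deployment would load the full Unicode "confusables.txt" data instead.
CONFUSABLES = {
    "\u0262": "g",  # LATIN LETTER SMALL CAPITAL G, as in "ɢoogle.com"
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
}

def to_unicode(domain):
    """Decode punycode ("xn--") labels so the visible form is inspected."""
    labels = []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            label = label[4:].encode("ascii").decode("punycode")
        labels.append(label)
    return ".".join(labels)

def scripts(domain):
    """Scripts of the letters in the domain, taken from Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in domain if ch.isalpha()}

def skeleton(domain):
    """Fold each character to the ASCII letter it can be mistaken for."""
    folded = unicodedata.normalize("NFKC", domain).casefold()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)

def check(candidate, protected):
    """Classify a candidate domain against the domain being protected."""
    visible = to_unicode(candidate)
    if visible == protected:
        return "legitimate"
    if skeleton(visible) == protected:
        kind = "mixed-script" if len(scripts(visible)) > 1 else "single-script"
        return f"homograph ({kind})"
    return "different"
```

Because "ɢ" is itself a Latin letter, a filter that only flags mixed-script labels passes "ɢoogle.com"; only the skeleton comparison catches it.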

Not only can these look-alike domains fool even technically minded people, but new top-level domains also become available every year. These factors make all organizations, regardless of industry or size, vulnerable to this type of threat.

Since look-alike domains are a dangerous vector for phishing attacks, it's a top priority that you monitor for potentially harmful domains that can spoof your domain. Our Domain Doppelgänger tool makes it easy for you to identify your potential "evil domain twins" and combines the search, discovery, reporting, risk indicators, and end-user assessment with training so you can take action now.

Let’s stay safe out there (and have fun finding your doppelganger, too). 


Discover dangerous look-alike domains that could be used against you! 


Here's how it's done:

  • Get detailed results of look-alike domains found similar to your primary email domain
  • You can now quiz your users with your look-alike results
  • Get a summary PDF that contains an overview of the look-alike domains and associated risk levels discovered during the analysis
  • It only takes a few minutes to discover your “evil domain twins”!

Find Your Look-Alike Domains!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/domain-doppelganger


