My lazy Sunday afternoon was interrupted...

Stu Sjouwerman | Aug 12, 2020


My lazy Sunday afternoon was interrupted with what appeared to be a prank, a social engineering attempt, or something else that remains to be identified. 

 

Apparently, someone took it upon themselves to create a lookalike domain of another training company (see Domain Doppelganger below) and route traffic from that lookalike domain to our website.

Even though ICANN has options to keep domain ownership anonymous, we still decided to immediately investigate. We continue to be in conversations with the other training company in the hope of identifying the root cause.

Being the market leader for security awareness training and simulated phishing, we know to expect pranks and attempts to hack, so it comes as no great surprise. We do not condone this type of activity because it goes against our culture; we pride ourselves on our radical transparency with our staff, our customers, our partners, and the InfoSec community.

At the time of this writing, we don't know who created the typo-squatter domain, and we are taking measures to investigate. Stay tuned for further updates as they may arise.  
 
With security awareness top of mind, everybody wins. 

Discover dangerous look-alike domains that could be used against you! 

Since look-alike domains are a dangerous vector for phishing attacks, it's a top priority that you monitor for potentially harmful domains that can spoof your domain.

Our Domain Doppelgänger tool makes it easy for you to identify your potential "evil domain twins" and combines the search, discovery, reporting, risk indicators, and end-user assessment with training so you can take action now.

Here's how it's done:

  • Get detailed results of look-alike domains found similar to your primary email domain
  • You can now quiz your users with your look-alike results
  • Get a summary PDF that contains an overview of the look-alike domains and associated risk levels discovered during the analysis
  • It only takes a few minutes to discover your “evil domain twins”!

Find Your Look-Alike Domains!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/domain-doppelganger
