Attacks on corporations using lookalike domains – when a phishing e-mail is sent from a domain that is one letter different from the real one. This approach on the part of the attacker turns out to be slightly more profitable than traditional spoofing, when the sender’s address is simply forged. Modern inbound authentication technologies, such as SPF, DKIM and DMARC, are fairly reliable in identifying outright forgeries. The letter from the lookalike domain contains all the necessary digital signatures and can pass filters. This is a deliberate attempt to hack into the company’s infrastructure, steal money through sending a plausible invoice, and so on.
This service looks for the huge number of similar looking and similar sounding domains and highlights these as possible phishing domains. With an integrated risk assessment capability, riskier phishing domains are extracted from the hundreds of domains that are typically found. Based on proprietary risk assessment algorithms, we report the ones you need to act against – and we also suggest possible actions you can take to mitigate phishing risks.