In the ever-evolving landscape of cybercrime, look-alike domains remain a constant component in the vast majority of threats. Look-alike domains, or URLs that resemble those of a legitimate brand, can cause significant damage to brand reputation by way of fraudulent websites, phishing schemes, malware distribution, and more.
Original research conducted by Fortra Brand Protection analyzes how look-alike domains targeted unsuspecting victims during the first half of 2023. According to the report, the average brand faced nearly 40 look-alike domain attacks per month, with a significant spike occurring in June. Of those classified as malicious, almost 77% were phishing sites, created to steal sensitive information.
Spotting malicious domains isn’t easy. A single change to a domain record can instantly turn a harmless URL into a weapon. Mitigation is just as difficult—most providers demand substantial proof of abuse before taking action.
To defend against domain impersonation, organizations need clear visibility into the domains targeting their brand and an understanding of how attackers weaponize them.
Key findings from the report include:
- In H1 2023, the average brand was targeted by nearly 40 look-alike domains every month
- 77% of look-alike domains deemed malicious hosted phishing sites
- Cybercriminals are now paying to register look-alike domains after free registrations of top-level domains decreased by 80% in Q1 2023
- For the first time since reporting on domain data, Fortra has seen cybercriminals favoring country-code top-level domains (ccTLDs)
- More than 62% of spoofed email display names impersonated well-known brands, including Microsoft and Google