What is a Doppelganger Domain?

Last Updated On November 03, 2018

A doppelganger domain is essentially a domain name which closely resembles your organization’s in one or more ways. For example, if your domain name is www.google.com, a doppelganger domain could be www.gooogle.com (note the extra “o”). This could trick quite a few people if they’re not looking closely.

What are the threats associated with doppelganger domains?

One of the biggest threats posed by doppelganger domains is social engineering attacks. A doppelganger domain looks very similar to your organization’s and, therefore, could be used as part of a phishing attack against your employees. As a result, the chances of a phishing attack being successful when originating from a doppelganger domain is much higher than if it were to originate from a non-similar domain name.

How to protect from doppelganger domains

Your organization can periodically scan for doppelganger domains using publicly available resources and tools. Upon discovery, your organization should evaluate its potential threat and make adjustments in the email filter settings accordingly. Unless required for business purposes, emails originating from doppelganger domains should be restricted.

vonahi footer logo

Meet vPenTest – the leading automated network penetration testing SaaS platform that streamlines the delivery of network pentesting, making it super easy for MSPs to offer SMB clients the ultimate protection. And for internal IT teams, it’s a cost effective and efficient way of evaluating cybersecurity risks in real-time. Say goodbye to manual network pentesting – the future is automated!
Connect with Us

Follow us on social media for the latest vPenTest updates, announcements, and cybersecurity best practices from our security experts.