Enter your domain to discover potentially dangerous look-alike domains that attackers could register for phishing, brand impersonation, or credential harvesting.
Enter a domain without http:// or www. Example: hazaccountants.com.au
Generating lookalike permutations...
Typosquatting (also called URL hijacking or domain mimicry) is when attackers register domains that look similar to legitimate ones. They exploit typos, visual similarity between characters, and common TLD confusion to trick users into visiting malicious sites.
In 2025, the ACSC reported that 62% of successful phishing attacks used lookalike domains. A single compromised credential from a typosquat domain can cost a business an average of $180,000 AUD in incident response and remediation.
Characters that look identical but aren't: rn โ m, l โ I, 0 โ O. The domain "exarnple.com" looks like "example.com" at a glance.
Registering common keyboard-adjacent typos: gogle.com, gogole.com, gooogle.com. Fat-finger errors humans make every day.
Swapping .com.au for .com, .net.au, .org โ or the reverse. Users rarely check the full domain before entering credentials.
Adding plausible words: yourcompany-login.com, yourcompany-secure.com, mail-yourcompany.com. Especially effective in email phishing.
We help businesses monitor for lookalike domains, implement DMARC/SPF/DKIM, and train staff to spot phishing attempts.
Get in Touch