language-icon

EN

Contact Us

Inbound Email Security Threat

Analyze Hard-to-Identify Domains

Analyze-Hard-to-Identify-Domains-img1

What is Look-alike Domain?

A look-alike domain (or similar domain) refers to a domain that closely resembles the original domain, either in its form or spelling. Such similar domains are often used in impersonation (spoofing) and phishing attacks. Attackers commonly create domains that mimic trusted companies, brands, or websites and use them to send emails or set up webpages in an attempt to gain the user’s trust. Using these similar domains increases the likelihood that users may fall into malicious activities without receiving warnings.

For example, if the original domain is “example.com,” an attacker might create a similar domain like “examp1e.com” or “exarnple.com” with similar spellings to send phishing emails. When users receive such emails, it can be challenging to detect the differences from the original domain, making them vulnerable to potential harm.

Attack Pathways of Look-alike Domain

number_1
1-Domain-Creation
Domain Creation
The attacker creates a new domain that closely resembles the original domain. This new domain appears similar to the original one but may include slight modifications or a mixture of upper and lower-case characters to maintain similarity.
number_2
2-Domain-Registration
Domain Registration
The attacker registers the created look-alike domain. During this process, the attacker may use fake or anonymous information to obtain domain registration.
number_3
1-Careless-Composition
Email Composition
Using the created domain, the attacker composes phishing emails. These emails are designed to closely mimic the original domain in terms of domain address, logos, signatures, and other elements to emphasize the similarity with the genuine domain.
number_4
1-Sending-Phishing-Emails
Mass Distribution
The attacker sends out the phishing emails in bulk. The content of these emails typically aims to lure users into taking action, such as visiting a phishing site or clicking on malicious links.
number_5
2-Email-Spoofing
Phishing Attempt
Some email recipients may receive the phishing email, trust its content, and follow instructions, which can lead them to visit a phishing site or click on malicious links. This allows the attacker to collect sensitive information or prompt the download of malicious software.

Detect domains hard to identify with human eyes using ReceiveGUARD!

Emails using visually similar domains that are difficult to distinguish with the human eye are a type of phishing email designed to trick individuals and organizations into revealing sensitive information. ReceiveGUARD employs machine learning technology based on data from businesses and individual users to identify email domains that mimic those of trusted partners or entities. This proactive approach helps safeguard internal email communications, protect sensitive information, and preserve the integrity of business relationships.

Have you ever mistakenly thought an email was sent by a business partner or client?

We are here for your email security.
Learn More

Counteract look-alike domain and more with EG-Platform!

Analyze Vulnerability through Security Assessment

Assess various email threats to identify weaknesses in the email system.
Learn More

Prevent Unauthorized Access Attempts to Mail Servers

Prevent unauthorized and illegal intrusion to steal sensitive data in the mail server.
Learn More

Block Malware Threats Hidden in Malicious URLs

Block harmful actions that lead to malware infection on the user’s device when accessing malicious URLs.
Learn More

Prevent Unintentional Information Leakage Due to Insider Mistakes Mistakes

Prevent information leakage due to user errors or mishaps, regardless of their intentions.
Learn More

Protect from Compromised Account Emails

Prevent malicious use of user accounts compromised by attackers to exploit other users’ personal information.
Learn More

Prevent Intentional Confidential Information Leakage

Prevent users from intentionally leaking sensitive information externally.
Learn More

Protect from Zero-Day Threats

Prevent damage from new forms of malware threats previously inexperienced.
Learn More

Prevent Sophisticated BEC Attacks

Block actions where individuals impersonate executives within organization to gain access to internal information.
Learn More

Block Email Spoofing

Prevent users from intentionally leaking sensitive information externally.
Learn More

Protect Mail Server from Illegal Relay Attack

Protect from malicious activities compromising the security of the email server.
Learn More

Detect Attacks Exploiting Email Attachments

Prevent the spread of malware through attachments with malicious intent.
Learn More

Prevent System Disruption due to Ransomware

Prevent the infiltration of a user’s PC and system encryption through email attachments.
Learn More

Protect Personal Information from Phishing Sites

Prevent email links from redirecting to malicious sites that extract personal information.
Learn More

Detect Email Sending IP Route Change

Detect activities such as illegal access to users’ email accounts and identify theft through impersonation.
Learn More

Analyze Hard-to-Identify Domains

Analyze actions that create domains similar to the original domain to cause harm.
Learn More