Domain Squatting

Our Domain Squatting assessment enables organizations to understand the breadth of domain names similar to their own that can be registered by attackers. Registering similarly named domains is called “squatting.”

Attackers put organizations at risk by squatting domain names. When users mis-type the organization’s domain name, they can end up at sites crafted by attackers to deliver malware payloads or sites that masquerade as the organization and collect login credentials and other sensitive information for later abuse.

Additionally, domain squatting puts users at risk of information disclosure or malware delivery when attackers send emails from domains that, at first glance, appear to be legitimately from the organization, or from another trusted organization, partner, or vendor.

Best practices for using the Domain Squatting threat:

  • Assess potential weaknesses in domain coverage which could put an organization’s end users at risk of unintentionally sharing personal information, like passwords or payment information
  • Verify completed questionnaires from critical vendors
  • Understand whether there are any suspicious domains that are similar to official domains for a vendor, but not registered to their company, which could put the company’s data at risk if customers or employees interact with that domain
  • Understand whether end users at an insured company are at risk for data loss, email phishing attacks, and other threats