SecurityStatus
Sign In Scan Your Domain
How It WorksFeaturesKnowledge BaseComparePricing
Sign In Get Started
info Intelligence

Typosquatting Monitor

Typosquatting is the registration of domains that closely resemble yours — with a character swapped, a hyphen added, or a different TLD — to trick users into visiting a fake version of your site. These lookalike domains are used for phishing, credential harvesting, and brand impersonation.

What SecurityStatus Checks

  • Common typo variations: transposed letters, missing letters, double letters
  • Homograph attacks: visually similar Unicode characters (e.g., а vs a)
  • Similar TLD variations: .net, .org, .co, .io for your .com domain
  • Hyphenated variations and word substitutions

Why This Matters

Attackers register lookalike domains before a product launch or during a high-profile event to intercept confused users. A customer who lands on securitystatus.net instead of securitystatus.io might enter their credentials into a phishing page. Your DMARC and SPF protect your domain but do not protect against attackers using their own similar domains.

How to Fix It

  1. 1

    Register common typo variants defensively

    Register the most obvious typo variants of your domain and redirect them to your real site. At minimum: common misspellings, your domain with different popular TLDs (.net, .org, .co, .io), and hyphenated versions.

  2. 2

    Set up monitoring for new registrations

    Services like SecurityTrails, DomainTools, or MarkMonitor alert you when new domains similar to yours are registered. Early detection allows you to take action before an attack is launched.

  3. 3

    File a UDRP complaint for abusive domains

    If a domain is clearly being used for fraud or phishing against your brand, you can file a Uniform Domain-Name Dispute-Resolution Policy (UDRP) complaint through ICANN to have the domain transferred to you.

  4. 4

    Report active phishing domains

    If you find a lookalike domain actively serving phishing pages, report it to: the registrar (for takedown), Google Safe Browsing (safebrowsing.google.com/safebrowsing/report_phish), PhishTank, and your local cybercrime unit.

Frequently Asked Questions

How many typo domains should I register?
Register at least the most obvious variations: your domain with .net, .org, .co, and the most likely single-character typos. A domain portfolio service or brand protection tool can help identify priority registrations.
What is a homograph attack?
A homograph attack uses Unicode characters that look identical or nearly identical to ASCII characters to register domains that appear the same to human eyes. For example, using Cyrillic 'а' instead of Latin 'a'. Modern browsers display the Unicode version in the address bar.
Can I force lookalike domains to be taken down?
It depends on jurisdiction and evidence of bad faith. UDRP and court action are options. For active phishing, report to registrars and abuse databases — most registrars respond quickly to phishing reports.

Related Guides

high Dark Web Exposure Read Guide critical Email Spoofing Risk Read Guide critical Google Safe Browsing Read Guide

Check Your Domain Now

Run all 38 security checks including Typosquatting Monitor and get your domain's security grade in under 2 minutes.

Scan Your Domain Free