A doppelganger domain is a domain name that is spelled identically to a legitimate fully qualified domain name (FQDN) but omits the dot between the host/subdomain and the domain.

Overview

Typosquatting traditionally works through the web, to deliver malware or harvest credentials. Other services such as SSH, RDP, and VPN can also be leveraged. A whitepaper by Godai Group on doppelganger domains showed that such domains can receive many emails. [1]

Example

If someone’s email address is “someone@finance.somecompany.example”, the doppelganger domain would be “financesomecompany.example”. Hence, if someone is trying to send an email to that user and they forget the dot after “finance” (someone@financesomecompany.example), it would go to the doppelganger domain instead of the legitimate user.
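
The dot-omission rule above can be turned into a watchlist for defensive registration or an outbound-mail check. The following Python sketch is an added example, not code from the whitepaper; the function names and all hostnames are constructed, and it assumes the caller supplies the organisation's registrable domain.

```python
def doppelganger_domain(fqdn, registrable):
    """Return (doppelganger, legitimate_suffix) for the dot dropped before `registrable`."""
    fqdn = fqdn.lower().rstrip(".")
    registrable = registrable.lower().rstrip(".")
    if not fqdn.endswith("." + registrable):
        return None  # no host/subdomain label, so there is no dot to omit
    last_label = fqdn[: -len(registrable) - 1].split(".")[-1]
    return last_label + registrable, last_label + "." + registrable


def build_watchlist(fqdns, registrable):
    """Map each doppelganger domain to the legitimate suffix it imitates."""
    pairs = (doppelganger_domain(f, registrable) for f in fqdns)
    return dict(p for p in pairs if p)


def flag_recipients(recipients, watchlist):
    """Return (typed_address, intended_address) for recipients on a doppelganger."""
    hits = []
    for addr in recipients:
        local, sep, domain = addr.strip().rpartition("@")
        if not sep:
            continue  # not an e-mail address
        domain = domain.lower().rstrip(".")
        for dopp, legit in watchlist.items():
            # Match the doppelganger itself or any subdomain under it.
            if domain == dopp or domain.endswith("." + dopp):
                prefix = domain[: len(domain) - len(dopp)]
                hits.append((addr, local + "@" + prefix + legit))
                break
    return hits


# Constructed host inventory and outbound recipients (sample data only).
WATCH = build_watchlist(
    ["finance.somecompany.example", "mail.eu.somecompany.example"],
    "somecompany.example",
)
OUTBOUND = [
    "someone@finance.somecompany.example",  # correct address
    "someone@financesomecompany.example",   # dot after "finance" missing
    "ops@mail.eusomecompany.example",       # dot after "eu" missing
]

if __name__ == "__main__":
    for typed, intended in flag_recipients(OUTBOUND, WATCH):
        print(f"{typed} -> did you mean {intended}?")
```

The keys of `WATCH` are the domains worth registering defensively or blocking at the outbound mail gateway.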

See also

  • Anticybersquatting Consumer Protection Act (ACPA)
  • Domain Name System (DNS)
  • phishing
  • Uniform Domain-Name Dispute-Resolution Policy (UDRP)

References

  1. “Doppelganger Domain whitepaper”. Godai Group. Sep 6, 2011.