doppelganger is a domain name that is identical to a homogeneous domain name (FQDN), but does not include the dot between host / subdomain and domain.


Typosquatting’s traditional attack vector is through the web to deliver malware or harvest credentials. Other services such as SSH, RDP, and VPN also can be leveraged. In a whitepaper by Godai Group on doppelganger domains, they can show you many emails. [1]


If someone’s email address is “someone@finance.somecompany.example”, the doppelganger domain would be “financesomecompany.example”. Hence, if someone is trying to send an email to that user and they forget the dot after “finance” (someone@financesomecompany.example), it would go to the doppelganger domain instead of the legitimate user.

See also

  • Anticybersquatting Consumer Protection Act (ACPA)
  • Domain Name System (DNS)
  • phishing
  • Uniform Domain-Name Dispute-Resolution Policy (UDRP)


  1. Jump up^ “Doppelganger Domain whitepaper” . Godai Group . Sep 6, 2011.