Domain typo-squatting is commonly used to spread malware to users whom accidentally misspell a legitimate domain in their web browser. 1 A new type of domain typo-squatting takes advantage of an omission instead of a misspelling. A Doppelganger Domain is a domain spelled identical to a legitimate fully qualified domain name (FQDN) but missing the dot between host/subdomain and domain, to be used for malicious purposes. Doppelganger Domains have a potent impact via email as attackers could gather information such as trade secrets, user names and passwords, and other employee information. Each company in the Fortune 500 was profiled for susceptibility to Doppelganger Domains and 151 companies (or 30%) were found to be susceptible. In large corporations, email usage is extremely high which dramatically increases the likelihood of mis-sent emails and data leakage. Here to read more.
Research on Doppelganger Domain0