Combat Typosquatting Attacks
Typosquatting exploits human typing errors. A user intending to visit "example.com" might accidentally type "exampel.com" or "examlpe.com"—and land on a malicious site instead.
Our typosquatting detection generates comprehensive permutation lists and monitors registrations across all variations to catch attackers who exploit these mistakes.
Detection Methods
Character Substitutions
- Vowel swaps (a↔e, i↔o)
- Common typos (rn↔m, cl↔d)
- Number substitutions (0↔o, 1↔l)
- Homoglyph attacks (а vs a, using Cyrillic)
Character Omissions & Additions
- Missing characters (exampl.com)
- Doubled characters (exammple.com)
- Adjacent key additions
Keyboard Layout Errors
- Adjacent key substitutions based on QWERTY layout
- Shifted character errors
Structural Variations
- Missing or extra hyphens
- Wrong TLD extensions (.com vs .co, .org)
- Subdomain variations
Monitoring Coverage
We monitor typosquatting variants across:
- All major gTLDs (.com, .net, .org, etc.)
- Country-code TLDs (ccTLDs)
- New gTLDs (.app, .io, .online, etc.)
- IDN (Internationalized Domain Names)