GUIDES
Playbooks
Respond to Look-alike Domains Events
4 min
the look alike domains alert gives you insight into potential upcoming phishing or look alike websites malicious actors frequently register an ssl certificate before their website goes live in order to prevent browser warnings and lower their victim's suspicion what's the risk? a look alike domain is a website domain name that is intentionally or unintentionally similar to a legitimate website domain name the risks associated with a look alike domain include phishing cybercriminals can use look alike domains to trick users into thinking they are visiting a legitimate website and steal their sensitive information such as login credentials, credit card numbers, or other personal information malware a look alike domain can also be used to distribute malware such as viruses, trojans, or ransomware to unsuspecting visitors this malware can infect the visitors' devices and compromise their security brand damage look alike domains can harm the reputation and trust of legitimate companies or individuals whose names are being used it can lead to confusion and mistrust among customers and stakeholders intellectual property infringement if a look alike domain is intentionally designed to resemble a legitimate website, it may infringe on the intellectual property rights of the original website owner, leading to legal disputes and penalties what should i do? verify the alert check the details provided in the alert, such as the domain name, ip address, and other relevant information, to determine whether the alert is valid you can cross check the information with other sources to verify its authenticity investigate the domain conduct a thorough investigation of the domain and its associated ip address determine the intent of the domain and the potential risks it poses to your organization report the incident if the domain impersonating your organization's brand is part of a larger cyber attack or campaign, report it to the appropriate authorities, such as law enforcement agencies or cyber incident response teams take action to mitigate the risk if you determine that the domain has a malicious intent, request a takedown from flare by using the takedown tab note this service is only avaiilable if you have purchased takedowns related articles