Glossary
Homoglyph Attack — Lookalike Characters in Domains
A homoglyph attack uses characters that look visually similar to legitimate ones to create deceptive domain names. For example, the numeral 0 substituted for the letter O, or the numeral 1 for the letter l. Homoglyph domains are used in phishing campaigns because users often cannot distinguish them from legitimate domains in email clients or browser address bars.
Common Homoglyph Substitutions
- O → 0 (paypal.com → paypa0.com)
- l → 1 (paypal.com → paypa1.com)
- I → l (Illinois → lIlinois)
- rn → m (amazon.com → arnazon.com)
How to Find Homoglyphs of Your Domain
Run DomainPreflight Typosquat Monitor — it generates homoglyph variants of your domain and checks which ones resolve to live websites.
Check homoglyph variants
Open Typosquat Monitor →FAQ
What is a homoglyph attack?
Using visually similar characters to create deceptive domain names — like replacing the letter l with the numeral 1 in a domain name.
How do homoglyph domains bypass detection?
Many email clients and browsers render similar-looking characters identically. Users can't tell the difference without carefully inspecting the full URL.
How do I find homoglyph domains targeting my brand?
Run DomainPreflight Typosquat Monitor — it checks homoglyph variants and shows which ones resolve to active websites.