Glossary
Typosquatting — Domain Impersonation and Detection
Typosquatting is the registration of domain names that are intentional misspellings or lookalikes of legitimate domains, used to intercept traffic, conduct phishing attacks, or impersonate brands. Common techniques include character substitution, missing letters, doubled characters, and homoglyph attacks using visually similar Unicode characters.
Common Typosquatting Techniques
- Character substitution: paypa1.com (l→1)
- Missing character: paypl.com
- Doubled character: paypall.com
- Homoglyphs: pаypal.com (Cyrillic а)
- TLD swap: paypal.net, paypal.co
- Prefix/suffix: mypaypal.com, paypalapp.com
Typosquatting vs Cybersquatting
Typosquatting specifically targets users who mistype a URL. Cybersquatting is the broader practice of registering trademarked names. Both are used for phishing and brand abuse.
How to Detect Typosquatting
Monitor domain variants that resolve to active websites — these are the highest risk. A registered domain that doesn't resolve is less immediately dangerous than one serving live content.
How to Check for Typosquats
Use DomainPreflight's Typosquat Monitor to check 30-50 variants of your domain against live DNS — seeing which ones resolve and their risk level.
Check lookalike domains
Open Typosquat Monitor →