Doppelganger domain

From Wikipedia, the free encyclopedia
Jump to: navigation, search

A doppelganger domain is a domain spelled identical to a legitimate fully qualified domain name (FQDN) but missing the dot between host/subdomain and domain, to be used for malicious purposes.


Typosquatting's traditional attack vector is through the web to distribute malware or harvest credentials. Other vectors such as email and remote access services such as SSH, RDP, and VPN also can be leveraged. In a whitepaper by Godai Group on doppelganger domains, they demonstrated that numerous emails can be harvested without anyone noticing.[1]

See also[edit]


  1. ^ "Doppelganger Domain whitepaper". Godai Group. 6 Sep 2011. 

External links[edit]