đ RealâWorld Examples of Domain Impersonation Scams
-
Pfizer RFQ Scam
Between AugâDec 2024, attackers registered domain names like pfizer-nl.com, pfizertenders.xyz, etc., to impersonate Pfizer and send fraudulent 'Request for Quotation' emails to business partnersâleading to credential theft. 410 phishing emails were confirmed from these lookalike domains.
-
Booking.com Credential Harvesting
Booking.com Credential Harvesting
Starting December 2024, a phishing campaign used fake domains resembling booking.com to deliver malware to hospitality staff under urgent travel-related schemes -
Department of Transportation Phish
In August 2024, threat actors spoofed the U.S. Department of Transportation via the domain transportationgov.net to trick companies into clicking malicious âbiddingâ links
-
Tech Startups â ÂŁ16K Loss
In the UK (reported 2015), scammers procured lookalike domains (e.g. swapping lowercase âlâ for âiâ) and sent invoice emails impersonating CEOs to finance staff, successfully stealing over ÂŁ16,000
đ Why This Happens
-
Lookalike & typo-squat domains are dirt cheapâTYPOs like .nl instead of .com are easy to exploit
-
Phishing domains stay live for ~11.5 days after detectionâenough time to cause real damage
-
Victims donât differentiate between their brandâs various TLDs.
đ¨ How This Harms Companies
â The Dobrainer Approach
We preemptively register all major TLDs of your brand (e.g., .com, .net, .biz) which are in direct danger.
You can rent, buyâor let us manage these domains on your behalf.
This halts scammers right at the registrar, before they can use domains to deceive.