Cyber Security and Doppelgänger Domains

Teresa Litrico
| 2/21/2018

Have you ever heard of the term doppelgänger domains? Until recently, we hadn’t either. Mind you, I would bet that, in some way or another, you may have already come across one.

Have you ever quickly typed in a web address only to realize that you have misspelt it and landed on some poorly designed “catch-all” website? Have you ever received an email that appeared to be from the Canada Revenue Agency, Microsoft or Apple but there was something that seemed a bit “off”? Very likely these were using doppelgänger domains, otherwise known as “typo-squatting”. In these cases, imitation is not the sincerest form of flattery. Typically, a doppelgänger domain is constructed with an unnoticeable typo such as exchanging two Vs for a W, a zero for an O or a small L for an I; something that at first glance is not immediately obvious.

Why would someone register a doppelgänger domain?

There is no innocent reason for registering a doppelgänger domain – just varying degrees of fraudulent motives. With a doppelgänger domain, one could attempt any or all of the following:

  1. wire fraud,
  2. impersonation of employees, or
  3. “phishing” to obtain sensitive information

No one is immune

The good news is that Canada has a very efficient and effective organization, the Canadian Cyber Incident Response Centre (CCIRC), that has been put in place to protect Canadian businesses and citizens from cyber fraud. The bad news is, there is no lack of innovation when it comes to those attempting to commit fraud.

And to that end, no one is too big, too small, too important or too insignificant to attack. We have recently been privy to a list of doppelgänger domains from a single fraudulent account that included everything from global jewellery brands to local flooring installers, from digital marketing agencies to utility companies.

What can you do?

  1. In general, be warry of unexpected emails. Double and triple check the URL of the sites before taking action.
  2. Always err on the side of caution when dealing with requests for data or funds.
  3. Report unusual emails or actions to your IT department immediately. Click here to report a cyber security incident to the appropriate authorities.
  4. Knowledge is power. Inform your clients, colleagues and associates of the risks associated with doppelgänger domains related to their own businesses and associated URLs.

This article has been prepared for the general information of our clients. Specific professional advice should be obtained prior to the implementation of any suggestion contained in this article.


Contact Us

Teresa Litrico
Teresa Litrico
Director, Digital Strategy