Combosquatting
Combosquatting prepends or appends common words like "login", "secure", or "my" to a brand's domain name. It is often used in phishing campaigns to create convincing URLs.
How It Works
Combosquatting prepends or appends common words to your domain name. Words like "login", "secure", "my", "support", "pay", and "verify" are frequently used in phishing campaigns. Unlike other techniques that alter the domain name itself, combosquatting creates entirely new domains that contain the original brand name intact, so they look like official sub-brands or services.
Real-World Examples
- paypal-secure.com (used in phishing campaigns)
- apple-support.com (impersonating Apple support)
- my-amazon.com (adding "my" prefix)
- google-login.com (targeting credential theft)
Prevention Tips
- Register combinations with the most common phishing words (login, secure, verify, account, support).
- Monitor for new domain registrations containing your brand name using services like DomainTools or SecurityTrails.
- Implement DMARC to prevent email spoofing from combosquatted domains.
- Report combosquatted domains used for phishing to the registrar for takedown.
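The monitoring tip above can be sketched as a small triage filter over a feed of newly observed domains. This is an added example, not code from the original page: the function names, the short multi-label suffix set (a stand-in for the Public Suffix List) and the sample feed are assumptions constructed for illustration.

```python
# Added example: triage a feed of observed domains for combosquatting.
# KEYWORDS comes from the page's word lists; the suffix set and feed are constructed.
KEYWORDS = {"login", "secure", "my", "support", "pay", "verify", "account"}
# Assumption: tiny stand-in for the Public Suffix List used in real deployments.
MULTI_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_label(domain):
    """Return the label directly left of the public suffix, lower-cased."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_SUFFIXES:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def classify(domain, brand):
    """Return 'ignore', 'review' or 'flag' for one observed domain."""
    label, brand = registrable_label(domain), brand.lower()
    # The bare brand label covers the real site and its subdomains
    # (login.paypal.com); other TLDs of it are a different technique.
    if label == brand or brand not in label:
        return "ignore"
    # Whatever is left after removing the brand is the added affix.
    affixes = [t for part in label.split(brand) for t in part.split("-") if t]
    for token in affixes:
        # Exact keyword, or one fused to other text ('securelogin').
        if any(token.startswith(k) or token.endswith(k) for k in KEYWORDS):
            return "flag"
    # Brand embedded in an unrelated word ('pineapple'): leave to an analyst.
    return "review"


def scan(feed, brand):
    """Return (domain, verdict) pairs for everything not ignored."""
    results = [(d, classify(d, brand)) for d in feed]
    return [(d, v) for d, v in results if v != "ignore"]


# Constructed feed: the page's examples plus benign look-alikes.
FEED = ["paypal-secure.com", "login.paypal.com", "paypal.co.uk",
        "paypallogin.example", "apple-support.com", "pineapple-farm.example"]

if __name__ == "__main__":
    for brand in ("paypal", "apple"):
        print(brand, scan(FEED, brand))
```

Legitimate subdomains and country-code variants of the brand are ignored, while a brand string that merely occurs inside another word is routed to manual review instead of being flagged.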