As new domains appear, you need to classify those using the following options:
Low Risk: The lookalike is moved to Low Risk
Enable Low Risk autoclassification. This auto-classification will add the TLD (Top Level Domain) and all of its current as well as future subdomains to your low risk list.
Add to my domains: The lookalike is added to OnDMARC (If applicable).
Mark as a High Risk and to OnINBOX threat list: The lookalike is moved to High Risk.
Mark for takedown. The lookalike is moved to High Risk and Takedowns.
Delete: The lookalike is removed from OnDOMAIN.
Tip: You can add and hide icons from the top bar with adjusting the Columns.
For each lookalike domain, you can get insights on the following:
Lookalike: Name of the detected domain that is similar to one of the domains that was added to the "Domains" page.
Update date: Most recent time in which OnDOMAIN scanned this lookalike domain.
Observed date: The time on which OnDOMAIN spotted the lookalike domain for the first time.
Risk Rating: Score value from 1 to 3, indicating how likely the lookalike can be considered as a threat. The higher the score, the bigger the likelihood.
Email ready: Indicates whether the lookalike is ready to send or receive emails and/or DMARC record check.
Web ready: Indicates whether the domain is ready to host a website.
Has screenshot: Indicates whether OnDOMAIN got a screenshot of the domain website.
IP reputation: Checks all IPs associated with the lookalike against threat feeds to make sure there are no issues.
Domain reputation: Indicates whether the lookalike domain has reputation issues associated.
Is subdomain: Indicates whether or not the lookalike is a subdomain.
DMARC Status: Display the Policy state (none, quarantine, reject) or leave empty if no DMARC record in DNS).
Category: Contains a list of tags related to an automatic origin discovery process (Parked, Assets and Abandoned).
Logo annotations present: Indicates whether at least one of the uploaded logos exists in the lookalike domain.
NS records: Lists the hostnames of the name servers that store all DNS records for that particular lookalike domain and subdomains configured with the same name server.
Similar to: Resemblance in appearance to your owned Domains (Listed in "Domains").
Flagged by Google: Shows red if the lookalike is listed on Google Safe Browsing list.
Manually Added: Shows green If the lookalike was added manually to OnDOMAIN.
Marked as HIGH RISK:
Note: We monitor lookalike threats 3-4 times a day.
Marked as LOW RISK:
Note: We monitor those domains once a week to ensure there is no change in the risk rating.
