Go to OnDOMAIN
All Collections
Getting around OnDOMAIN
How to classify lookalike domains

How to classify lookalike domains

Stéphane Puthod avatar
Written by Stéphane Puthod
Updated over a week ago

As new domains appear, you need to classify the domains using the following options:

  • Mark safe: The lookalike will be moved to SAFE.

  • Add to my domains: The lookalike will be added to OnDMARC (If applicable).

  • Block and mark as a threat: The lookalike will be moved to THREATS.

  • Mark for takedown: The lookalike will be moved to THREATS and TAKEDOWNS.

  • Delete: The lookalike is removed from OnDOMAIN.

For each lookalike domain, you can get insights on the following:

  • Confidence level

  • Email ready

  • Domain reputation

  • IP security

  • Web-ready (handy for SecOps)

    • name server

    • IP addresses

    • screenshot so you can see the property

    • history - any change to DNS will be monitored and highlighted

  • Sync with OnINBOX (If Applicable): Add the Domain as a THREAT to OnINBOX

  • Logo Annotations present: Check if there is a Logo matching a Tag

  • Logo Annotation tag matches: Shows the Tag name(s) found on the Website

Marked as THREAT:

Note: We monitor lookalike threats 3-4 times a day.

Marked as SAFE:

Note: We monitor these domains once a week to ensure they are still safe.

Did this answer your question?