Cybercriminals are manifesting domain fraud in new ways by spoofing legitimate websites with altered top-level domains (TLD). Then they lure victims to these spoofed websites using social engineering tactics. Can false domain names trick people into visiting malicious websites?

Download Infographic

Download and share the infographic for free with employees.

For example, instead of, a spoof site might use

Fraudulent domains provide the basis for a wide range of attacks such as wire transfer fraud, phishing, counterfeit good sales, and scams.

Did you know?

More than three-quarters of businesses found “lookalike” domains posing as their brand with a different top-level domain.

Our recommendations:

  1. Double-check the domain name before proceeding with a website.
  2. Look for spelling mistakes, grammatical errors, broken or stilted English in the content.
  3. Be cautious if something sounds too good to be true.
  4. Think twice before you click on a link or before sharing sensitive information online.