Short definition: Impersonating a legitimate domain to deceive users or systems.
1 min read
What it is
Attackers create look-alike domains, forged email headers, or homoglyph variations to mimic trusted brands.
Why it matters
Domain spoofing fuels phishing, BEC fraud, malware distribution, and credential theft.
How to reduce risk
- Enable SPF, DKIM, DMARC
- Register typo-domains
- Monitor DNS changes
- Use email security gateways
- Train employees to verify sender identities