A “fake domain” is not a formal technical category. People usually use the phrase for a web address that falsely appears connected to a real company, government service, bank, shop or individual. The domain may be newly registered, look similar to a trusted name, or host copied content—but none of these signs alone proves fraud.
The CyberRiskEvaluator Typosquatting Domain Evaluator helps compare a trusted domain with likely variations. For an unfamiliar web address, use the same principles in reverse: identify the true domain, compare it with the claimed identity and collect evidence before deciding whether to trust it.
Compare the official domain with likely deceptive variations and investigate the exact address before entering credentials or payment data.
Check a DomainLong URLs can place a trusted name in a subdomain, path or query string while the actual domain belongs to someone else. Read from the top-level domain toward the left to identify the registrable name, and be cautious with shortened or encoded links.
For example, a familiar company word at the beginning of a URL is not sufficient. The controlling domain may appear later. Use a reputable URL parser or security tool instead of manually guessing when the structure is complex.
Legitimate websites can display one or more of these characteristics, and polished fraudulent sites may display none. Use the signals collectively.
HTTPS encrypts communication between the browser and the server. It helps prevent interception, but it does not prove that the server belongs to the organization shown on the page. A deceptive domain can obtain a valid certificate for its own name.
Validate ownership through the official company website, saved bookmarks, verified app links or a known telephone number. Never use contact details taken solely from the suspicious page to verify that same page.
Look for the official domain through independent sources, compare spelling carefully and search for public warnings from the organization or relevant authorities. Use passive reputation and registration services according to your privacy policy.
For shops, verify the legal business identity, return information and payment protections. For employment offers, contact the employer through its published careers site. For financial services, use the institution’s official app or manually entered bookmark.
Do not continue interacting. Preserve the original message and URL, report the domain to your security team or the impersonated organization, and use appropriate browser or platform reporting functions. Organizations should also contact relevant abuse providers with evidence.
After entering credentials, change them from a trusted device and revoke sessions. After payment, contact the payment provider or bank immediately. After downloading a file, disconnect and follow the organization’s malware-response process rather than attempting ad hoc cleanup.
A domain can change ownership, content and infrastructure. A legitimate site can be compromised, and a malicious site may remain inactive until a campaign begins. Automated scores are snapshots based on available signals.
Treat the result as decision support. High-risk actions—logging in, transferring money, installing software or submitting identity data—should require independent verification even when an automated check finds no obvious problem.
No. Tools can surface warning signs and similarity, but authenticity requires corroboration from ownership, context, activity and independent sources.
No. HTTPS protects the connection to the domain shown; it does not prove that the domain represents the claimed organization.
Identify the registrable domain rather than trusting familiar words in subdomains or paths. Use an approved parser when uncertain.
Contact your bank or payment provider immediately, preserve evidence, report the fraud and monitor affected accounts.
Yes. Real websites can be compromised or abused. Domain checks should be combined with browser, endpoint and transaction protections.
Discover plausible typo, lookalike and impersonation domains around a trusted web address, then prioritize the candidates that deserve investigation.
Analyze Your DomainThe following external resources provide additional context on typosquatting, adversary-owned domains, impersonation and internationalized-domain homographs.
Content reviewed on 14 July 2026. Domain similarity is not proof of malicious intent. Legal disputes should be reviewed by qualified counsel, and suspicious infrastructure should be investigated through approved security procedures.