Step-by-step instructions for hardening your domain, responding to lookalike threats, and getting attacker infrastructure taken down.
Prevent email spoofing from your domain. Critical when a lookalike domain has MX records.
Highest priorityFrom p=none to p=reject safely. The 3-phase escalation path with rua-driven gates between each step.
PlaybookReport a lookalike domain to the registrar that sold it. Works for both inactive and active domains.
Get browsers to warn users about a live phishing site via Google Safe Browsing and Microsoft SmartScreen.
Use ICANN's dispute resolution process to reclaim a domain registered in bad faith, without going to court.
Register common typos and TLD variants of your domain before attackers do.
ProactiveHow PhishFence determines if a lookalike domain is actively phishing, and how to prioritize your investigation.
Investigation