Domain Threats

Understand Threats Against Your Domain and Brand

Be Master of Your Domains

As brands increasingly transact business and engage with customers through their website, having an advanced domain infringement detection strategy is critical. Threat actors can easily and cheaply register domains using trusted brand names to drive monetizable traffic to other sites, phish for sensitive data, distribute malware, sell counterfeit goods, and more.


Domain Threats


RiskIQ Domain Threats provides comprehensive detection of brand-related domains combined with the intelligent discovery of a brand’s legitimate domain footprint to identify infringing domain names. Via our proprietary virtual user technology, RiskIQ analyzes a brand’s official site content and behavior. Experiencing websites the same way that real users would ensure that we uncover malicious and fraudulent activities designed to elude detection by other detection methods.

Get the datasheet—External Threat Detection: Domain Threats

Why do domain threats matter?

Organizations invest significant resources in designing, securing, and driving traffic to official websites to build and preserve customer loyalty and brand trust. However, these investments are undermined—and the security of the company and its customers threatened—when third parties register look-a-like domains containing the brand names, or variations and misspellings of the brand names, to divert users away from the legitimate site or sites.

It’s easy for users to follow links in social media, emails, and on other websites where the actual URL isn’t easily seen. And while many users may notice when they expect to go to www[.]domain[.]com and instead end up at www[.]somethingotherthandomain[.]com, it’s not as easy to see the difference between www[.]domain[.]com and www[.]dornain[.]com (note that the R and N side-by-side look like an M). These threats also use subdomains to target your organization.

Any URL can lead to websites hosting phishing pages, scams and counterfeit goods, or malware. And it’s important to understand the domains, subdomains and actual websites that are using branded terms and look-a-like terms that are targeting your organization.

Watch the Webinar

Subdomain Infringement: The unseen threat that’s running rampant

Comprehensive discovery of threats against your domain

RiskIQ searches WHOIS registrations and DNS data to identify third-party owned domains and subdomains containing exact matches or close spelling variants to branded terms. Our proprietary discovery technology automatically maps out all of an organization’s legitimate websites and infrastructure. That information is then used to intelligently distinguish between company-owned domains and infringing domains and subdomains. The result is fewer false positives and more accurate risk identification.

After identifying an infringing domain, RiskIQ’s unique virtual user crawling infrastructure intelligently analyzes the web page and HTML code associated with it. The virtual users detect brand references, logos, and other site content, and follow redirects and load scripts that may lead to malicious content or phishing. Virtual users visit websites from multiple geographic locations and browser types, just like a real user would. This provides the additional context needed to determine how threat actors may be using each domain and the risk it poses to the associated organization.

Subdomain Infringement: The Unseen Threat

Learn about the rest of the External Threats solution set

Learn more about the individual threat types that make up the External Threats solution set:

Mobile Threats
Social Threats
Phishing Threats