Enter your domain: we instantly test 15 close variants (swapped letters, digits replacing letters, other extensions) to see if someone registered them.
Free, no signup. Result right on this page.
A lookalike domain (typosquatting) is a variant of your domain name: a letter replaced by a digit (cyberbi1an.ca), two letters swapped, or the same name under another extension (.co instead of .ca). To the naked eye, in an email, the difference is almost invisible.
It is the classic starting point of CEO fraud and fake invoices: the fraudster registers the lookalike, creates an email address on it, and writes to your clients or your accounting team pretending to be you. Unlike direct spoofing (blocked by DMARC), the lookalike is a real domain — your protections do not apply to it.
First, no panic: some lookalikes are other legitimate businesses. Check what the domain hosts. If a site imitates yours or sends fraudulent emails: report it to the lookalike's registrar and host, warn your clients, and document everything. As prevention, many businesses register the 2-3 most obvious variants themselves (a few dollars a year). Cyberbilan Pro monitoring watches weekly for new lookalikes and alerts you.
Registering a domain very close to yours (typo, digit replacing a letter, other extension) to fool your clients or employees — usually for phishing or fraud.
DMARC stops a fraudster from sending email from YOUR domain. A lookalike is a different domain that belongs to them: they can configure SPF and DKIM on it perfectly. It is a complementary threat, monitored separately.
No. It can be another business with a close name, or a domain reseller. The red flag is a lookalike hosting a copy of your site or sending emails.
For the 2-3 most obvious ones (your .com if you are on .ca, the most natural typo), it is cheap protection — a few dollars a year each.
Yes, free and no signup. The Pro plan adds automatic weekly monitoring with an email alert as soon as a new lookalike appears.