Category: Glossary

Typosquatting is the registration of domains based on common misspellings, keyboard slips, or character omissions of a legitimate brand or domain name. These domains are designed to capture user mistakes and can be used for phishing, fake landing pages, affiliate abuse, or malicious redirects.

Threat intelligence is evidence-based information about threat actors, infrastructure, techniques, and indicators that helps teams prioritize and respond to risk. In brand protection, threat intelligence connects suspicious domains to known campaigns, hosting patterns, and abuse history so triage becomes faster and more accurate.

SSL Certificate Monitoring watches newly issued certificates and certificate transparency logs for domains that reference your brand or suspicious variations. Because attackers often secure fake websites with HTTPS, certificate issuance can provide one of the earliest signals that a malicious site is about to go live.

Phishing attacks are fraudulent campaigns that trick users into revealing credentials, payment details, or sensitive information through deceptive messages or websites. Spoofed domains and impersonation pages are a common phishing delivery method because they create a false sense of legitimacy during the attack.

Lookalike domains are domains intentionally crafted to visually resemble a real brand by using similar characters, patterns, or wording. They are often harder to spot than obvious typo domains because they rely on visual similarity rather than simple spelling mistakes.

Domain spoofing is the use of deceptive domains that imitate a legitimate brand or business in order to mislead users, customers, or employees. This can involve lookalike domains, typo variants, fake support sites, or domain names designed to appear legitimate in emails, ads, and search results.

DNS Monitoring tracks changes to DNS records such as A, MX, NS, and TXT records that can reveal domain activation, mail abuse, or infrastructure pivots. It is especially useful for identifying when a suspicious domain moves from passive registration to an active phishing or spoofing setup.

Brand impersonation is the unauthorized use of a company name, logo, domain style, or messaging to deceive users into trusting a malicious asset. Attackers use brand impersonation to steal credentials, redirect payments, distribute malware, or damage trust by appearing to represent a legitimate business. Learn how detection worksBo

Attack Surface Monitoring is the continuous observation of external assets, domains, certificates, and infrastructure changes that may signal abuse or exposure. It is how organizations catch newly registered lookalike domains, DNS shifts, and active phishing infrastructure before those threats escalate.

Attack Surface Management is the ongoing process of discovering, inventorying, and reducing all internet-exposed assets that could be abused by attackers. For brand protection, ASM helps teams understand where risky domains, exposed services, and forgotten assets create openings for impersonation or phishing campaigns.