What is a lookalike domain?

A **lookalike domain** visually resembles a legitimate domain to deceive users. Attackers register domains like paypa1.com, arnazon.com, or g00gle.com that look similar to trusted brands at a glance.

Lookalikes exploit human visual processing. We read quickly, recognizing familiar word shapes rather than examining each character. Similar letter combinations fool rapid recognition.

These domains bypass authentication completely since attackers legitimately own them. Defense requires: domain monitoring to detect registrations, user training to verify URLs carefully, and BIMI to provide visual brand verification.