// Case Studies
Brand & domain monitoring: spotting lookalikes and phishing early
Before a phishing or fake-shop campaign starts, perpetrators usually register a domain resembling your brand, set up certificates and place the site behind a proxy. Exactly these preparation traces are externally observable — giving a head start before customers are hit. This is how brand and domain monitoring works.
Updated: 2026-07-11
How the case was handled
- 1Systematically watch name variants of your brand — typo, add-on and foreign-TLD variants.
- 2Evaluate newly issued certificates for similar domains (Certificate Transparency) — they reveal fresh lookalikes early.
- 3Assess registration date, registrar and hosting: very young domains hidden behind a proxy are a warning sign.
- 4Check suspicious sites in isolation — never on your own device — for brand imitation and cloaking.
- 5On hits, trigger the right reporting chains (hosting/proxy, registrar, browser protection) and block internally.
What to avoid
- Do not wait for the first customer complaint — by then the campaign is already running.
- Do not rely on a name alone — attackers use similar spellings and foreign endings.
- Do not open suspicious lookalike domains in your everyday browser.
- Do not ignore newly registered similar domains — even if they still look 'empty'.
How SKOPION helps
SKOPION passively watches domains and certificates that imitate your brand, validates hits in multiple stages and delivers a documented report with recommended actions — so you can react before a lookalike becomes an incident.
Confidential enquiryFAQ
- Why monitor if nothing has happened yet?
- Because the preparation is visible: domain registration and certificates often appear days before the attack — that head start protects your customers.
- Are third-party systems touched?
- No. Monitoring uses only externally accessible sources — no active tests, no intervention.
- What happens on a hit?
- You get a documented assessment and concrete next steps — from reporting to an internal block.