Frequently Asked Questions

Spoof Checker is a SaaS platform that continuously monitors the public internet for look‑alike domains that could be used to impersonate your brand, partners, or vendors. When we detect a suspicious registration, we notify you so you can act before criminals do.

We combine fuzzy‑matching algorithms, DNS zone monitoring, SSL certificate transparency logs, and passive DNS sources to spot permutations of your domains (e.g., typos, homoglyphs, extra words, different TLDs). Our engine checks hundreds of top‑level domains and keyword variations 24/7.

Newly registered look-alike domains will be alerted on within 24 hours.

You should add it to your organization’s email filtering policies and firewall/proxy blocklists to prevent both inbound email and web traffic to the malicious site. You can reach out to our team for assistance for the takedown process.

Spoof Checker’s typosquat reports will provide screenshots, whether the domain has an email server, and if the domain can receive emails. These are good clues to see if a domain can act maliciously or not, but at the end of the day a domain at any time can be set up for malicious purpose. This is why we monitor for changes, and with our premium package we track changes made to the site itself to try to see if a site may suddenly be impersonating yours.

Absolutely. We offer a Demo plan that lets you explore the dashboard with an example domain—no payment information required. If you’re ready to monitor your own brand, the Standard plan comes with the first month free.

We draft and submit registrar abuse reports for you, but the final takedown decision rests with the registrar or hosting provider. We will also need evidence that the fraudulent domain is acting in a malicious manner that warrants take down. While we can’t guarantee removal, our evidence‑rich submissions maximize success and save your team time.

Several widely-used frameworks now call for blocking or monitoring malicious or spoofed domains. ISO/IEC 27001 (Annex A 8.23) and CIS Critical Security Controls v8 (Safeguard 9.2) both require DNS or web filtering to stop users from reaching fraudulent sites. NIST SP 800-53 Rev. 5 (SC-20/SC-21) and NIST CSF 2.0 (PR.PT-4) emphasize secure, validated DNS services to detect spoofed look-ups. PCI DSS 4.0 (Req. 1.3.2) mandates restricting outbound traffic to approved domains, while SOC 2’s CC6.7/CC7.2 expects evidence that unauthorized external connections—including to rogue domains—are prevented or detected.

You can choose daily, weekly, or monthly reporting. You can switch frequencies any time from the report preferences page.

Typosquatting is a form of cybersquatting where a person registers a domain name that is a close misspelling of a legitimate website’s domain name, often with the intent to redirect users who make typing errors to a fake or malicious site. The purpose of this is usually to send phishing campaigns, commit fraud, or set up websites tricking your customers.

Yes, you can block a domain by adding it to your organization’s email filtering policies and firewall/proxy blocklists to prevent both inbound email and web traffic to the malicious site. Spoof Checker also offers a service to register look-alike domains on your behalf to prevent them being registered by bad actors.

Monthly:
• Standard – First month free, then $99 / month (single domain)
• Premium – $249 / month (up to five domains, abuse‑report assistance, site‑change monitoring)

Yearly:
• Standard – $990 / year (2 months free)
• Premium – $2,490 / year

Need to cover more than five domains or add domain‑parking services? Contact us for a custom quote.