Domain Spoofing: What it is, red flags to spot, and how to avoid the trap

Domain Spoofing

What it is

Domain spoofing is when attackers pretend to be a trusted website or sender by using a look-alike address - think paypaI.com (with a capital “I” where the lowercase “l” should be), or emails that seem to come from your bank. The goal is to trick you into entering passwords, downloading malware, or sending money.

How it works

  • Look-alike domains: swapped letters, extra words, or different endings (.co vs .com).

  • Email impersonation: forged “From” names, copied logos, and real-looking signatures.

  • Link masks: buttons say one thing, but the actual URL goes somewhere else.

Red flags

  • Urgent messages about payments, deliveries, or account “verification”

  • Slight misspellings in the domain or a different domain ending

  • Links that don’t match the sender’s real website when you hover

  • Attachments you didn’t expect (invoices, resumes, zipped files)
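As an added example (not part of the original article), a small Python checker that applies the look-alike patterns and red flags above: it flags the capital-I trick, the .co ending and extra words in the host, and spots a link whose visible text names one domain while the real URL goes to another. The trusted-domain list and the confusable-character table are constructed for this example, not a complete reference.

```python
import re
import unicodedata
from urllib.parse import urlparse

# Registrable domains you actually trust (constructed list for this example).
TRUSTED = {"paypal.com", "microsoft.com"}
# Small illustrative set of characters that read alike; a real tool would use the full Unicode confusables table.
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "|": "l", "0": "o", "5": "s", "3": "e"})

def skeleton(label: str) -> str:
    """Collapse a domain label so look-alike spellings compare equal.
    Translate before lowercasing, otherwise capital I becomes i and the trick is lost."""
    label = unicodedata.normalize("NFKC", label).translate(CONFUSABLES).lower()
    return label.replace("rn", "m")  # rnicrosoft -> microsoft

def classify_url(url: str, trusted=TRUSTED) -> str:
    """Return 'trusted', 'unknown', or the look-alike pattern from the article that the host matches."""
    # urlparse().hostname lowercases, which would hide the capital-I trick, so take netloc instead.
    host = urlparse(url).netloc.rsplit("@", 1)[-1].split(":")[0].rstrip(".")
    labels = host.split(".")
    if len(labels) < 2:
        return "unknown"
    name, tld = labels[-2], labels[-1].lower()
    if f"{name.lower()}.{tld}" in trusted:
        return "trusted"
    for good in trusted:
        good_name, good_tld = good.rsplit(".", 1)
        if skeleton(name) == skeleton(good_name):
            if tld != good_tld:
                return f"different ending ({name.lower()}.{tld} vs {good})"
            return f"swapped letters ({name}.{tld} vs {good})"
        # Trusted name buried in a longer host: paypal.com.secure-login.example, paypal-secure.com
        if good_name in host.lower():
            return f"extra words ({host} vs {good})"
    return "unknown"

def link_mask(anchor_text: str, href: str, trusted=TRUSTED) -> bool:
    """True when the button or link text names a trusted domain but the real URL does not."""
    shown = re.search(r"[\w.-]+\.[A-Za-z]{2,}", anchor_text)
    if not shown:
        return False
    return (classify_url("http://" + shown.group(0), trusted) == "trusted"
            and classify_url(href, trusted) != "trusted")

if __name__ == "__main__":
    for u in ("https://www.paypal.com/signin", "https://paypaI.com/login", "https://paypal.co/verify"):
        print(u, "->", classify_url(u))
```

The registrable-domain logic takes the last two labels only, so multi-part public suffixes such as co.uk would need the Public Suffix List in a production tool.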

If you suspect spoofing

  1. Pause - don’t click. Hover over links and read the full address.

  2. Verify out of band: call the company using a number you trust or visit the site by typing it in.

  3. Report and delete the message; if you clicked, change passwords from a clean device and turn on MFA.

Prevent it

  • Use MFA so a stolen password isn’t enough.

  • Bookmark important sites and use those bookmarks to sign in.

  • Teach your team/family to hover and check before clicking.

  • For businesses: publish SPF and DKIM records and a DMARC policy for your domain, so receiving mail servers can reject messages that forge your address. Note that this protects others from mail spoofing your domain; it does not stop spoofed mail from other domains reaching your inbox.
