Go Back

Platform Release 3.15: detect cybersquatting threats faster

April 6, 2017


Our latest platform release (3.15) features an amazing update in the Phishing & Cybersquatting module, giving you the ability to detect a wider variety of cybersquatting threats in a more efficient manner, making your life easier.

Cybersquatting cases hit record level

Cybersquatting is when a website domain is registered with the name of a popular brand by someone outside the organization, in the hope of reselling it at a profit. According to World Trade Review, Cybersquatting cases hit record level with Uniform Domain Name Dispute Resolution Policy (UDRP) case filings at WIPO smashing through the 3,000 barrier for the first time in 2016.

What’s more, generic top-level domains are now among the most widely used top-level domains in email spamming activities. Email spamming – a common type of phishing campaign that enabled malicious actors to hack the Democratic National Committee during the 2016 US presidential election – attempts to gather sensitive information about corporations or their customers. The information can then be used against the company or sold to make a profit.

How Blueliv can help

The Blueliv Cybersquatting module helps businesses to detect domains registered with similar names to those registered by the company itself. If such domains exist, they could potentially be used to replace the company’s original domains in phishing scams that attempt to acquire sensitive information.

Monitoring these domains is a time-consuming and resource-intensive job for security & SOC teams without specialist tools. With Blueliv’s automated Cybersquatting module doing the search for you, your security & SOC teams save a significant amount of time and resources that would otherwise be spent searching, monitoring, collecting and analyzing cybersquatting attacks against your business.

New powerful cybersquatting algorithms

The Phishing & Cybersquatting module now includes two new search filters. These new filters enable you to generate more keyword variations automatically, increasing your efficiency and saving you time.

In the “Typosquatting  by similarity” tab you will find a typosquatting internal automatic keyword generator. With the list of keywords you provide, this feature enables you to both quickly and easily find similar domain names that represent cybersquatting threats.

Moreover, the “Typosquatting by distance” tab allows you to find domain names that are a configurable distance from your original keyword. The configuration allows you to decide the number of character variations used in the generation of search terms from a given typosquatting keyword.

e.g.: “intelligence”, the minimum distance is 2 characters, the maximum distance is the length of the word, minus 2 characters. A new domain could be “inetlligence”.

Other improvements

Amongst other subtle optimizations that contribute towards the performance of the platform, the release includes the following improvements:

  • Improved language detection in the Dark Web module
  • Optimized thumbnails tab performance in the Brand Abuse module
  • Other minor improvements in the labeling and the “export to excel” feature

If you want to introduce external threat intelligence into your existing cyber security strategy, we’d love to talk about it with you. Get in touch with us at

Community Support Demo