Skip to main content
Enterprise|Brand Protection / Legal

Domain Portfolio Protection

Monitor for typosquatting and brand impersonation

Attackers register domains similar to your brand for phishing and fraud. EdgeDNS helps you discover and monitor potentially infringing domains.

The Challenge

Brand impersonation through lookalike domains is a growing threat. Attackers use typosquatting, homograph attacks, and similar-sounding domains to trick customers and steal credentials.

The Solution

Monitor domain registration patterns using WHOIS data, SSL certificate issuance via CT logs, and assess domain trustworthiness to identify potential brand abuse. For domains you own, subscribe them for continuous monitoring to detect unauthorized DNS changes, certificate swaps, and WHOIS transfers that could indicate domain theft.

Endpoints Used

Combine these EdgeDNS endpoints to build this solution.

GET
/v1/domain/whoisTry in Playground

WHOIS Lookup: Check domain registration dates and ownership

GET
/v1/domain/sslTry in Playground

SSL Certificates: Monitor certificate issuance from CT logs

GET
/v1/score/trustTry in Playground

Trust Score: Evaluate domain legitimacy and risk

GET
/v1/dns/lookupTry in Playground

DNS Lookup: Check if suspicious domains are active

GET
/v1/subscriptionsTry in Playground

Domain Subscription: Subscribe owned domains for private WHOIS, DNS, and cert change monitoring

GET
/v1/subscriptions/:id/alertsTry in Playground

Subscription Alerts: Get alerted to WHOIS changes, DNS modifications, and cert renewals

Results You Can Achieve

Early threat detection

Discover impersonation attempts before customer impact

Automated monitoring

Track newly registered domains matching your brand patterns

Evidence collection

Document ownership and registration details for takedown requests

Private monitoring for owned domains

Subscribe your domains for continuous WHOIS/DNS/cert change detection invisible to adversaries

Code Example

Check suspicious domains for brand abuse

javascript
const suspiciousDomain = 'examp1e-secure.com';
const headers = { 'Authorization': 'Bearer YOUR_API_KEY' };

const [whois, trust, active] = await Promise.all([
  fetch(`https://api.edgedns.dev/v1/domain/whois?domain=${suspiciousDomain}`, { headers }),
  fetch(`https://api.edgedns.dev/v1/score/trust?domain=${suspiciousDomain}`, { headers }),
  fetch(`https://api.edgedns.dev/v1/dns/lookup?domain=${suspiciousDomain}&type=A`, { headers }),
]);

const data = await Promise.all([whois.json(), trust.json(), active.json()]);

if (data[1].data.score < 30 && data[2].data.records.length > 0) {
  console.log('High-risk active domain detected:', suspiciousDomain);
}

Learn More

Explore industry standards and best practices related to this use case.

ICANN DNS Abuse Mitigation Program

ICANN's centralized program for addressing DNS abuse including typosquatting and phishing

Anti-Phishing Working Group (APWG)

International coalition of 2,000+ institutions focused on countering phishing and domain abuse

ICANN Uniform Domain-Name Dispute-Resolution Policy

Dispute resolution policy for addressing bad-faith domain registrations and cybersquatting

Ready to build Domain Portfolio Protection?

Get started with 200 free API requests per month. No credit card required.

Get Started FreeTry the Playground

Other Use Cases

Email Marketing / DevOps

Email Deliverability Monitoring

Improve inbox placement with proactive email authentication monitoring

Security Engineer / Compliance Officer

Security Compliance Auditing

Automate security posture assessments for SOC 2 and ISO 27001