Character Repetition
Doubles each character in the domain name. Attackers register these to catch users who accidentally press a key twice.
How It Works
This technique doubles each character in the domain name one at a time. It exploits the common mistake of pressing a key twice. For N characters, it generates N variations. These domains look very similar to the original and can be hard to spot, especially in URLs displayed in small fonts.
Real-World Examples
- gooogle.com (extra "o" in google)
- faccebook.com (extra "c" in facebook)
- yahhoo.com (extra "h" in yahoo)
Prevention Tips
- Register common double-letter variants of your brand domain.
- Monitor certificate transparency logs for domains with repeated characters.
- Educate users to verify URLs carefully before entering credentials.