A
cousin domain (or look-alike domain) is a domain that looks deceptively similar to
a legitimate
target domain, which is well-known or familiar to users. Cousin domains are often
used in
phishing attacks to steal sensitive or confidential information from users. Cousin
domains are
usually created by replacing one or more characters (for example, replacing the letter
"l" with
the number "1") or adding or removing an extra character in the domain name. Without
careful
inspection of the email addresses, users may not notice the trick and think that an
email message
is sent from a legitimate domain being forged.
Using the advanced antispam engine, Deep Discovery Email
Inspector can scan domains in email messages (
from and
replyto headers) based on the settings you configure to detect spam and
phishing messages.