Someone tries to imitate an existing company or person. To do so, they register a domain name that looks so similar to the original that they could be mistaken for each other.
A domain name that looks very similar to the original. The owners' motivation for registering and operating these domain names varies. For example, it could be a case of attempted fraud, where the attackers try to trick the victim into believing they are on the original site. In many cases, such domains are also registered in order to divert website visitors who mistype an address to advertising sites.
Specific measures
Preventive measures
How the NCSC can help
Further Information
- If you find yourself on the wrong site, close the page immediately.
- Report it to the NCSC if it is a phishing site or spreading malware.
- Contact the registry of the affected domain to make them aware of the problem. Every registry has an abuse address for this purpose (e.g. abuse@).
- If your company's domain name has been copied and you want to regain control of it, the Arbitration and Mediation Center of the World Intellectual Property Organization (WIPO) offers a domain name dispute resolution procedure – this can help you avoid going to court. You can find more information on the WIPO website.
- Seek legal advice.
Make sure you are on the correct website before you enter any information.
- Your report helps the NCSC identify trends. This makes it possible for the NCSC to raise public awareness in a targeted way.
- The NCSC reports phishing sites to the relevant web hosting providers and registrar so that they can block the site or domain. The NCSC also informs providers of block lists. If it is a .ch or .swiss domain, the NCSC can have the website blocked directly.
- If a website is spreading malware, the NCSC will contact the hosting provider to have the malicious content removed. If it is a .ch or .swiss domain, the NCSC can have the website blocked directly.
Last modification 06.11.2025
