Finding Phishing Domains with DNSTrails

domains enterprise security

SecurityTrails Blog · Dec 28 2017 · by Esteban Borges

Reading time: 2 minutes

A few days ago we wrote an article demonstrating how anyone could easily have fun finding keyword based domains.

And today we believe we can present you another showcase on how useful this could be for companies who are looking to protect their brand, and avoid phishing over the Internet.

Let's take Paypal as an example. It's one of the most popular ways to send and receive money over the Internet. It is also often part of large phishing campaigns by third party malicious users who launch paypal domains like, etc. trying to steal end user login and passwords.

How can I find Phishing Domains with DNSTrails?

DNS Trails "paypal"

As you see on this example, we were able to find many domains that are actually owned by Paypal Inc, which is totally fine as many brands register extra domain names containing their company names.

However, if you take a look into the 13,033 Paypal related domains, you will notice there are lot of domains who are hosted elsewhere from Paypal servers, and that actually belong to 3rd party individuals who are using the Paypal brand.

Being able to find domains containing your brand name is not only useful to prevent and mitigate phishing from your brand, but also useful to prevent copyright and trademark legal issues with non-authorized users who use your company name in their domain names.

Try SecurityTrails and start protecting your brand. And if you need advanced security features, sign up for SecurityTrails, where you will find many more advanced DNS, domain and IP tools to protect your company.


Esteban Borges is a security researcher and technical writer specialized in Linux security. He has been working in the cybersecurity industry for more than 15 years, with a focus on technical server security and open source intelligence.