SecurityTrails Blog · Last updated on Aug 31 2020 · by Esteban Borges

Finding Phishing Domains with SecurityTrails

Reading time: 2 minutes

A few days ago we wrote an article demonstrating how anyone could easily have fun finding keyword based domains.

And today we believe we can present you another showcase on how useful this could be for companies who are looking to protect their brand, and avoid phishing over the Internet.

Let's take Paypal as an example. It's one of the most popular ways to send and receive money over the Internet. It is also often part of large phishing campaigns by third party malicious users who launch paypal domains like, etc. trying to steal end user login and passwords.

How can I find Phishing Domains with SurfaceBrowser™?

Our all in one corporate OSINT tool allows you to quickly find phishing domains in an instant.

  • Login to the SurfaceBrowser™ dashboard.
  • Enter the keywords you want to look for.
  • Wait for the results:
Paypal keyword search variations

As you see in this example, we were able to find many domains that are actually owned by Paypal Inc, which is totally fine as many brands register extra domain names containing their company names.

However, if you take a look into the 1003 Paypal related domains, you will notice there are a lot of domains hosted elsewhere from Paypal servers, and that actually belong to 3rd party individuals who are using the Paypal brand.

What about some variations like pay-pal?

If you want to try some variations, the results may show you some interesting domains that are definitely not related to the official Paypal brand. In this case, we found 266 domains.

Paypal keyword search

Being able to find domains containing your brand name is not only useful to prevent and mitigate phishing from your brand, but also useful to prevent copyright and trademark legal issues with non-authorized users who use your company name in their domain names.

Are you ready to try SurfaceBrowser™?

Book a demo today

Esteban Borges Blog Author

Esteban is a seasoned security researcher and cybersecurity specialist with over 15 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.