Use the HTML Title Impersonation query

  • Updated on Oct 30, 2024
  • Published on Jul 10, 2024
  • 1 minute(s) read
Prev Next

Threat actors impersonate your domain using your HTML title to mimic the trustworthiness of your legitimate domain and increase their credibility in search results.

They use your HTML title for:

  • Phishing campaigns
  • URL manipulation
  • Redirection to lower suspicion when users are redirected to their illegitimate domain.

When threat actors impersonate your HTML title it helps them evade detection mechanisms that monitor for explicit branding or logo abuse.

Our HTML Title Impersonation query helps you identify these impersonation attempts by flagging potentially malicious sites that impersonate trusted domains. Users can proactively detect and address phishing domains that are created to deceive users.

To identify fraudulent domains that are impersonating your infrastructure by using your HTML title, use the HTML Title Impersonation query:

Use the HTML Title Impersonation query

  1. From the home page, select Brand Impersonation.

  2. Select HTML Title Impersonation.

  3. Select Create New +.

  4. In the Domain Name box, enter the name of a domain to investigate.

  5. Select Search.

  6. (Optional) To save your results, select Save.

  7. (Optional) To set up an alert for your results, select Monitor.

Understand your HTML Title Impersonation results

Use the following table to understand the details of your results:

Column Name Description
1 html_title HTML title of the result that we return.
2 scan_date Date and time that we scanned the data.
3 origin_url URL that we originally scanned.
4 URL URL that is the final destination of your query.
5 IP IP address of the domain.
6 hostname Name of the domain.

  • To add a filter or remove a filter from the results table, select the icon next to Basic Raw Data, and choose your preference.

  • To expand on a specific result to your query and view additional information, select Expand.