Introducing OnDOMAIN: Quickly uncover and take down phishing sites

Domain security and brand protection are key priorities for businesses in 2022. Cyber threats like phishing, BEC, ransomware, zero-day attacks, and more are constantly evolving. So, the tools you use to protect your business should be too. 

With this in mind, we’re delighted to announce the latest addition to our cloud email security and brand protection platform: OnDOMAIN

What is OnDOMAIN?

OnDOMAIN observes the internet in near real-time to stop bad actors from creating phishing campaigns before they even have a chance to launch them. It provides security personnel with the most comprehensive insight into their domain perimeter, plus an integrated phishing takedown service.

Unlike other domain monitoring products that only look at top-level domains (TLDs), OnDOMAIN monitors 150 million newly registered domains and subdomains every day, uncovering any parked and forgotten domains, as well as impersonation sites. It constantly absorbs and examines intelligence from a wide array of data sources, including rasterized web snapshots, certificate registration, DNS signals, live spam data and more, in order to paint the full picture of a domain’s health and validity.

It enables security personnel to sort threats by their imminence, save time with event-driven alerts, and issue takedown notices once an impersonation domain has been identified.

OnDOMAIN's in-depth domain investigation

“For organizations to truly secure their domain perimeter, they need the ability to identify threats before they can be weaponized. OnDOMAIN makes it easy for security teams to define and visualize their complex domain estates in order to identify and disarm phishing attacks on day zero – before they launch. In doing so, we’re delivering a solution that helps organizations identify and continuously protect the entirety of their digital asset base.”

Rahul Powar, CEO Red Sift

How can I take down phishing websites with OnDOMAIN?

OnDOMAIN’s integrated takedown functionality leverages existing relations with registrars and hosting providers to quickly effect domain takedown. 

Our solution collects evidence on the offending domain, classifies if lookalike domains intend to commit fraud or brand infringement, and displays this data to users through a single pane of glass for their review and sending for a takedown. Users can check on a takedown’s status at any time and will also be alerted if the takedown status is updated.

OnDOMAIN's integrated takedown

OnDOMAIN also helps tackle ‘shadow IT’ by proactively identifying unprotected yet legitimate domains that may have been created without your IT department’s knowledge.

In addition, machine vision-based logo detection discovers the use of counterfeit brand assets across impersonation domains. This additional infringement classification piece provides domain registrars with the evidence they need to effect takedowns even faster.

OnDOMAIN logo detection

Complete brand protection with Red Sift 

OnDOMAIN is the latest addition to our Integrated Email Security and Brand Protection Platform and works alongside our existing cybersecurity products. It integrates with OnINBOX for automated supply-chain analysis, and OnDMARC for a detailed view of an enterprise’s existing domains. This means that data and processes can be shared across different branches of an IT department, providing organizations with layered, enterprise-level threat protection. 

To start protecting your brand, logo, digital assets, and domain perimeter, start your free OnDOMAIN trial today!

free trial OnDOMAIN


Francesca Rünger-Field

21 Apr. 2022



Recent Posts


Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more

Navigating the Information Security Landscape: ISO 27001 vs. SOC 2

Red Sift

As cyber threats evolve, so do the standards and frameworks designed to combat them. Two of the most recognized standards in information security are ISO 27001 and SOC 2. What sets them apart, and which one is right for your organization? Let’s delve into the key differences. Purpose and Scope: Global Framework vs. Client-Centric…

Read more

G2 Summer 2024 Report: Red Sift OnDMARC’s Winning Streak Continues

Francesca Rünger-Field

We’re delighted to announce that Red Sift OnDMARC has again been named a Leader in G2’s DMARC category for Summer 2024. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift appeared in 11 reports – 5 new ones since Spring 2024! – earning 5 badges: A few…

Read more

Google will no longer trust Entrust certificates from October 2024

Red Sift

Tl;dr: Google has announced that as of October 31, 2024, Chrome will no longer trust certificates signed by Entrust root certificates. While there is no immediate impact on existing certificates or those issued before 31st October 2024, organizations should start reviewing their estate now. On Thursday 27th June 2024, Google announced that it had…

Read more

Understanding the domain attack

Francesca Rünger-Field

tl;dr: The recent compromise of the domain has triggered a broad-reaching web supply chain attack, impacting over 100,000 websites across various sectors including finance, healthcare, non-profits, academia, and more. To ensure the security of your website, we strongly advise you immediately remove any reference to Latest update: 27th June 2024 Sansec, a…

Read more