Here's how to protect your brand against impersonation attacks
Now Reading
Here’s how to protect your brand against impersonation attacks

Here’s how to protect your brand against impersonation attacks

Changes in the threat landscape require that the strategy must extend beyond the traditional perimetre-orientated defence says Werno Gevers, regional manager, Mimecast

Avatar

Brand impersonation attacks are easy to create. Even unsophisticated hackers can impersonate a website or send fake emails using legitimate domains. What are the ways to combat such attacks?

Organisations need to take responsibility and implement solutions and processes to protect their brands online. Mimecast’s Brand Trust research highlights the role of brands in protecting their customers from cyberattacks. The survey found that 75 per cent of consumers in Saudi Arabia, and 78 per cent of consumers in the UAE, said they’d stop spending money with their favourite brand if they fell victim to a impersonation attack involving that brand.

In light of continued digital interactions between brands and their customers, the financial imperatives of providing adequate protection for customers online are clear. Organisations need to go to greater lengths to protect their brands from cybercriminals who imitate their websites and emails and launch phishing attacks on their customers. There are a few ways to do this:

  • Firstly, marketers and cybersecurity teams must begin a productive, constructive partnership. With regular communication, you can determine whether email communications coming from your brand’s domain are illegitimate and potentially malicious, or actually legitimate and coming from third party providers engaged by marketing (or other departments).
  • Enforce DMARC – an email validation system designed to uncover anyone using a brand’s domain without authorisation and then block the delivery of all unauthenticated mail, preventing customers, partners, and employees from receiving emails from impersonators.
  • Proactively hunt for and takedown domain and brand abuse. This can be done by using third-party brand protection services. This solution uses a combination of machine learning and quadrillions of targeted scans to identify unknown attack patterns at an early stage, blocking compromised assets before they become live attacks. Or, if active attacks are discovered, they can be rapidly remediated to minimise damage.

Can you mention any examples of impersonation attacks in the Middle East region?

The most targeted industries in Saudi Arabia and UAE for impersonation – based on the number of phishing emails received by respondents of the survey – are online banking, retail, holiday providers and entertainment services. This aligns to our own internal research over the last year.

For example, in 2020 Mimecast ran an analysis of some of the UAE’s major banks and found the log in pages of two of them had been duplicated. Several suspicious domains were uncovered for both of the bank’s URLs and they each had at least one live attack. Banking customers that clicked on the malicious links were redirected towards another website impersonating the bank, that looked exactly like the real thing.

That said, while banks are the most targeted, they’re not at the bottom of the list when it comes to trust, according to the report. This may because of a surge in cybersecurity measures among banks over the past few years. Banks have revisited their entire operating models, setting up dedicated fraud desks handling any possible issues customers may face around the clock and communicating extensively about cyber threats.

More recently our researchers ran an analysis on Amazon, ahead of the busy shopping period. Between May 3 and October 1, 2021, the keyword ‘amazon’ generated over 1 million registered domains online. On October 3 alone, we found over 5000 domains registered with that keyword. While some of those may have been legitimate (e.g. affiliations, new products on the website or campaigns for the upcoming shopping season), with that many new domains popping up on a single day, most of them are likely suspicious.

Can you explain in brief the Mimecast Zone 3 solution?

Zone 3 is not a solution as such, but rather an offering made up of different services that work in conjunction with all of our other security products that fall within Zones 1 and 2. In essence, we want to communicate that when it comes to cybersecurity, you can’t rely exclusively on a single solution. Changes in the threat landscape require that the strategy must extend beyond the traditional perimetre-orientated defence, to an email security strategy that is more pervasive, multi-zoned, and integrated with a company’s overall security systems.

Zone 3 looks beyond the perimeter. Without confronting an organisation’s perimetre or trying by other means to get inside its email network, it is quite easy for attackers to easily impersonate a brand on the internet. They can leverage and ultimately destroy value and trust that a brand owner may have taken years or decades to build. Attackers register a similar brand domain or host a website or login page and draw customers, partners or the public to it. The cost to a business or its customers may be considerable, as our research has shown.

DMARC and BEP are the Mimecast solutions that fall within Zone 3 and are critical in protecting organisations from fraudulent activity.

Read: Over 85% of Saudi organisations attribute cyberattacks to vulnerable technology

Also read: Why cybersecurity is a matter of national security

You might also like


© 2021 MOTIVATE MEDIA GROUP. ALL RIGHTS RESERVED.

Scroll To Top