Steps to protect against online brand impersonation attacks

Cybersecurity experts are urging companies in the Middle East to take bold steps to protect against online brand impersonation attacks that could trick customers and employees into sharing sensitive personal information – or even passwords and banking logins.

Werno Gevers, cybersecurity expert at Mimecast, says cybercriminals are increasingly hijacking trusted brands to launch cyberattacks from lookalike web and email domains to increase their chances at successfully duping their victims – and many companies are not keeping pace.

“A lack of technology and appropriate security policies can leave the door open to criminals using trusted brands to trick customers, partners, suppliers and the brand’s employees,” says Gevers. “Deploying online brand protection tools can help companies identify and take down malicious websites impersonating their web and email domains before customers fall victim. This should be supported by a robust regime of frequent and ongoing cyber awareness training to equip every employee with the knowledge to spot and avoid risky behaviour.”

In a survey conducted by the company in 2021, 75 per cent of consumers in the Saudi Arabia and 78 per cent of consumers in the UAE said they’d stop spending money with their favourite brand if they fell victim to a phishing attack involving that brand. Compared to a global average of 57 per cent, this places the region’s consumers among the most unforgiving of all markets surveyed. More than 80 per cent of consumers in the region also believe it is the brand’s responsibility to protect itself from email impersonation, with a similar percentage saying it is the brand’s responsibility to protect itself from fake versions of its website.

Despite the risks, Mimecast’s latest State of Email Security 2022 report found that as much as 42 per cent of organisations in Saudi Arabia and 38 per cent in UAE were only somewhat prepared – or not prepared at all – to deal with attacks that spoof their email domains. This potentially leaves the door open to threat actors subverting trusted brands to trick consumers or employees into divulging information that could later be used in sophisticated social engineering attacks, or even to breach organisational defences.

Gevers says employees that receive suspicious email communication on their work email address should report it to their security teams immediately. “Security teams can use this information to contain the threat and protect the rest of the organisation. Security teams have tools and technologies that can protect people outside the organisation too, which can help keep threats from spreading to the company’s customers and partners. It is essential that dangerous communication is reported to security teams, as it helps improve the organisation’s security and resilience against attack.”

According to Gevers, there are some tell-tale signs that the person you’re speaking to may be a scammer, including:
Receiving unsolicited communication from someone or some company that you aren’t expecting
Messages that contain unbelievable offers, spelling errors or a sense of urgency
• Mails sent from webmail accounts, for example [email protected]
• Mails containing redirects to login pages that have suspiciously long URLs
• Being asked for PIN numbers or login details

“If you see one or more of the above signs, stop immediately and verify the request by contacting the organisation who is purportedly reaching out to you. Don’t rely on the number provided in the communication: if the email claims it’s from your bank, for example, rather phone the bank on their main number and check the validity of the communication. Don’t ever share your login details, don’t make payments with cryptocurrencies, and don’t click on links unless you know they can be trusted.”

Despite a company or consumer’s best efforts, there is still a possibility that cybercriminals could successfully trick someone into sharing personal information that the criminal may use later to commit further fraud or breach organisational defences.

If this is the case, Gevers advices that the victim take immediate steps to limit the potential damage.

“Firstly, change all your social media, email and banking passwords. If an email communication was sent to you by a scammer, report it to your security team so they are aware of it. No one likes to fall victim to cybercrime but it’s nothing to be embarrassed about. Being honest and swift can potentially prevent other people from falling victim too.”

He adds that any such cases should be reported to the relevant authorities so that law enforcement may investigate and, hopefully, find and prosecute the perpetrators. “Countries across the Middle East have acknowledged the dangers cybercrime poses to their citizens, businesses and critical infrastructure, and are taking steps to strengthen law enforcement capabilities to combat the scourge of cybercrime.”

Read: Cybersecurity attack: It all begins with an email, says Mimecast