27 Feb / 2023
A guide to taking the first step towards protecting your brand from online impersonation
Cybersecurity attacks cost businesses financially, operationally and reputationally. In Australia, a successful phishing attack costs on average $23,000 to remediate. And that is just one type of attack: others include Denial of Service ($108,000 per attack) and web-based attacks ($177,000 per attack). As these costs grow, the fallout ripples from executives down to end users. Tarnished reputation and loss of revenue threaten to close businesses, while downstream clients may never recover financial losses.
Social engineering and phishing-type methods are still favoured by cyber-attackers, likely because they are still effective. Over 87,000 unique phishing campaigns are launched globally every month, which is a large volume to protect against.
One type of social engineering phishing attack is favoured by hackers: brand impersonation. By exploiting your hard-earned customer loyalty, malicious actors increase their chance of successfully deceiving their victims.
Brand impersonation involves malicious actors imitating your corporate identity online. Common tactics include domain impersonation (such as cybersquatting or typosquatting), social media impersonation and phishing (especially spoofing).
To manually check for online impersonation, you would need a dedicated security team working nonstop. In-house teams use search engine results page analysis, reverse image search, scheduled remote shutdown and social media trawling, but these ultimately fall short.
While your team may be aware of the steps they can take to prevent online brand impersonation, impersonation is still inevitable. As hackers advance, the methods you use must advance too. The first step in safeguarding your corporate identity is to find out what data has already been leaked.
1. Deep Web Scanning
Deep web scanning is by far the most accurate and proactive approach to protecting your corporate identity. It offers the only comprehensive overview of what data exists across the entire internet, including the deep, dark and clear web.
Identifying malicious impersonators on the deep web gives you the best chance of removing the threat before they attack your business. Websites impersonating your domain are often bought and sold on the dark web before going live for use in phishing attacks.
A deep web scan detects brand impersonation on the deep web, including confidential information being bought and sold on the dark web. It also detects those malicious actors operating in plain sight on social media and other more accessible forums.
2. Email Security
Because hackers consistently rely on phishing to attack, email is a great place to start assessing the security of your corporate identity. Engaging an email security partner or enabling an email scanning tool can provide an overview of activity across your email server and endpoints.
An email security assessment can identify past cases of impersonation and run phishing simulations to evaluate real-time vulnerability to phishing attacks. This includes the state of your email security system and your employees' likelihood of engaging with phishing emails.
Bear in mind that email is just one facet of your corporate identity’s vulnerability, and an email security partner or tool cannot provide a full overview. Other avenues like social media and the deep web will need to be addressed separately.
3. Social Media Listening
Just as a snapshot of your email security can be taken individually, social listening scans detect brand impersonation on social media. Social media is a common space for corporate identity impersonation and is notoriously difficult to patrol.
Social listening tools allow security partners to distinguish hacker chatter from genuine conversations by your employees and customers. Sophisticated AI can look for anomalies and suspicious activity to identify threats before they become dangerous incidents.
Again, it’s important to understand that social media impersonation is just one component of potential online brand impersonation. Using this method alone, you are likely to miss numerous other avenues.
To scan the deep web, you need access to specialist software and knowledge. A security partner and solution, such as Cythera’s BrandProtect, can offer deep web scanning and provide fast insight into the way your brand is being impersonated online.
BrandProtect is powered by Rapid7’s Threat Command, but takes a human-led approach to protecting your brand identity. Expert analysts respond to brand impersonations and incidents, and manage takedowns to mitigate risk before it develops into an attack.
With the help of Rapid7’s industry-leading intelligence and Australia’s most senior technical talent, BrandProtect is the only way to proactively secure your brand identity.
Cythera’s BrandProtect service can help you gain visibility and take down malicious digital impersonation scams by scanning the deep, dark and clear web for data leaks, brand impersonation domains, fake social media accounts or hacker chatter relating to your organisation.
We leverage state-of-the-art dark web scanning tooling and wrap it around our human-led cybersecurity service that manages takedowns through our relationships with ISPs, domain controllers and social media platform agreements.