With cybercriminals targeting trusted brands and their customers with malicious phishing campaigns, brand abuse can significantly impact businesses’ legitimacy and stress over-burdened security teams who wouldn’t know where to focus their efforts. Here, Ross Rustici, Global Head of Security Architecture and Threat Intelligence at ZeroFOX, discusses the top three impersonation attacks security teams should monitor and combat should they fall victim to them.Â
Modern companies realize the value that digital channels like mobile and social media can bring when it comes to maintaining an open line of communication with consumers. As companies continue to invest in digital tools, it is critical to address corporate risk in these platforms and combat brand abuse. Even the savviest of organizations may disregard the need to monitor brand protection-related issues, such as brand impersonation, spoofed domains, or even fraudulent mobile applications.Â
Brand abuse, once a marketer’s dilemma, has now matured, meaning that ownership lines have blurred. It has become a security challenge that threatens the entire organization, serving as an initial intrusion vector, as well as diminishing consumer trust and brand reputation. With multiple technologies and platforms being leveraged for impersonations, it can be difficult for security teams to know where to focus their efforts.Â
Here, we review the top three ways impersonations leveraged to compromise systems and how to mediate them.Â
The Fake Social Media Account
The most popular form of impersonation is the fake social media account. Traditionally security teams overlook social media accounts as “assets,†however, they provide real value when engaging with customers and building awareness – and hackers have noticed. Therefore protection of corporate social media accounts is essential to any modern organization. Fake social media accounts offer hackers accessibility to the business or person they are trying to imitate and a direct touchpoint to said company’s user or consumer base.
Illegitimate accounts are attractive because there is no cost associated with opening an account, and deployment is quick. Once created, the real account’s legitimate network is presented to the hacker. Typically, cybercriminals pursue the creation of false accounts of high-profile executives to target employees and consumers alike. Notably, these profiles can be used to phish, steal information, and conduct fraud.Â
For impersonation of social media accounts outside a company’s direct control, timely awareness and response are crucial to mitigating damage. Flagging impersonations or understanding attack planning via dark web chatter provides security teams real-time warnings that allow them to take quick action. Ultimately, it’s essential to consider moving past one’s security perimeter and focusing on assets that provide visibility and remediation capacity into social media platforms. Understanding the magnitude of the threats at play and anticipating abuse will allow teams to disrupt intrusions before they occur versus responding when they’ve happened.
Learn More: Why Users Ignore the Risks of Brute-Force RDP Attacks
The Spoofed Domain
Companies’ online presence serves as the first touchpoint with consumers. Malicious, spoofed domains grant cybercriminals numerous weaponization possibilities, including phishing, vishing, ad fraud, and malware. In every case of spoofed domains, one thing remains the same; the actor employs an organization’s legitimate handle or name to drive traffic to malicious activity.
The impersonation of an organization’s name to drive malicious activity always has a slight variation of the brand name with a common misspelling, an abbreviation of the company name, or a homoglyph that may go undetected. Once the domain is registered, the adversary will likely register with known bulletproof hosting providers to evade discovery and takedown.Â
The two most important factors to consider when addressing look-a-like domains are unpredictability and scale. It is difficult to know if, or when, a hacker may change a domain from harmless to malicious. And once converted, it may be too late to take action before the site can reach customers. Typically, detecting and remediating impersonations is challenging to undertake manually. Without automation, it can be near impossible to find domains mimicking a brand, mainly because threat actors do not apply a direct name match. However, relying on an external provider for both the identification and takedown of malicious domains can help navigate the complex process.Â
Learn More: Cybersecurity Marketing: 4 Winning Pandemic-Era Strategies for Tech Marketers
Fraudulent Mobile Applications
As mobile technology improves and increases in use, hackers have found a window of possibility in deploying malware on mobile devices. Cybercriminals create malicious copycat applications that look like the legitimate apps they’re impersonating to trick unsuspecting consumers. Even though an app is in the Apple or Google Play store, it does not imply authenticity.
Organizations need to inform customers how to avoid and spot fake apps to ensure their devices and data are safe. Security teams can also monitor and track false apps. Vigilance also falls on the consumer; they can check for misspellings in the name and description of an app or see if the logo looks different. Mobile users should also inspect reviews and see if an app was published recently, which is a possible red flag.Â
Consumers’ and organizations’ reliance on social and mobile to conduct business has created an opening for hackers, who are evolving alongside the explosion of digital touchpoints. As a result, organizations must take every precaution and measure possible to prevent and disrupt these attacks. By remaining vigilant, offering consumer education, and implementing technology to automate identity and removal, organizations can best protect their brand, reputation, and customer trust.Â
Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!