Knowing exactly what to do when your brand is impersonated online seems like a daunting task. A number of nuances may send you down the wrong path – wasting your time and allowing offending content to remain live on the internet for longer. Use this list to evaluate your online brand protection program.
Properly registered trademarks make removing offending content from the internet easier for all parties. Evaluating which side’s argument is valid (the complaining brand vs. the publisher of the content) is often not as obvious as it seems to be to the complainant. Take the time to register any and all trademarks your brand uses with the U.S. Patent and Trademark Office and the E.U. Intellectual Property Office. A registered trademark is required for there to be any hope of making an argument that said trademark is being infringed upon.
While sometimes overlooked, brands need to establish themselves wherever their customers are. In today’s digital world, that means owning the online “anchors” associated with your brand. Register any domains you plan to do business on. If your brand has an international presence, consider registering on relevant top-level domains. In addition, Twitter handles, Instagram accounts, Facebook pages, and any emerging social media platforms are also places where you should consider claiming your brand name. You should also be sure to grab social media profile names for your executives.
So, how can you tell that your monitoring is enough? What exactly constitutes a “comprehensive” strategy? For starters, it goes beyond looking for domains similar to your own.
In the past, a popular method of finding impersonations was scanning for permutations of a brand’s domain name. These days, however, brand impersonators have moved away from using only look-alike domain names. In 2023, a scam site impersonating your brand will very likely have a URL completely different from your own in order to evade detection by less sophisticated monitoring methods.
Finding impersonation sites that use random domains unrelated to your brand name is no easy task. Looking for said impersonations manually is essentially impossible.
There’s a long list of websites to visit, which can get tedious quickly. Before choosing Allure Security, one security analyst spent two hours each day, from 9 a.m. to 11 a.m., sifting through a list of 40 to 100 suspicious websites. Once they started using Allure Security’s AI-powered detection engine (which scans 100+ million digital assets each day) to do the job, their work time dropped from 2 hours to just five minutes.
Just as consumers use mobile apps and social media platforms to interact with brands, scammers are diversifying the methods through which they distribute attacks. Phony social media profiles, posts, and mobile app listings have become remarkably effective vectors for online brand impersonation attacks.
Given that attacks can and do come from all corners of the internet, we recommend educating your customers on when and when not to engage online. Make it clear to your customers on which social media platforms your brand will engage with them. In addition, spell out where customers should download authorized versions of your mobile app. A consistent posting schedule on social media can also help establish in your customers’ minds which social media profiles are official and authorized.
Reporting a scam to a network of blocklists is one thing. Removing that impersonation from the internet is a different process entirely. Employees responsible for managing your brand’s online presence and performing takedowns can gain a lot of value from having a good relationship with the people on the other end of those requests.
Consider the abuse teams at registrars, web hosts, and social media platforms that evaluate a steady stream of requests to remove content that one of their customers has published. To justify a takedown, they need concrete evidence of a violation of their user agreements. Building a reputation with a provider can mean they more quickly act on your requests knowing that past requests were justified and included the proper evidence. Building such a relationship takes time and many brands are better off choosing a vendor like Allure Security that already has relationships with various providers built on a history of valid requests. These relationships go a long way in reducing time-to-takedown.
Establishing a thorough understanding of a registrar’s or other providers’ acceptable use policies and the evidence required for takedown is key. For example, most registrars will respond to complaints pertaining to phishing websites and spam emails. However, they will not help with addressing copyright or trademark infringement claims. Instead, you will need to work with the web hosting provider on taking down such content.
Understanding the nuances of abuse reporting for various registrars, hosts, social media platforms, and more is also critical to increasing takedown success rates and accelerating takedown speeds. For example, when attackers use parked domains to send phishing emails, registrars will not act without having the phishing messages (including headers) in hand.
Adversaries will also abuse dynamic DNS services to create phishing websites using subdomains. Dynamic DNS services will not take down an entire domain for one malicious subdomain. In those cases, you typically need to identify the host of the content and pursue that route for takedown. If that sounds complicated, that’s because it is. This is why many brands find it much more cost-effective to hire a specialist such as Allure Security to handle this work for them.
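The routing rules and the header requirement described above can be encoded in a small triage helper. This is an added example, not code from the original article or from Allure Security; the function names, the `DYNAMIC_DNS_ZONES` placeholder list, and the sample message are all constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlsplit

# Assumption: placeholder zone list; substitute the dynamic DNS zones you track.
DYNAMIC_DNS_ZONES = {"dyn.example"}

# Constructed phishing message (all names and addresses are placeholders).
SAMPLE_EML = """\
Received: from mail.parked-domain.example (203.0.113.7) by mx.victim.example; Tue, 02 May 2023 10:00:00 +0000
From: "Example Bank" <support@parked-domain.example>
To: customer@victim.example
Subject: Verify your account
Message-ID: <abc123@parked-domain.example>

Please sign in at http://login.dyn.example/verify
"""

def route_complaint(kind, hostname=""):
    """Return which provider type to contact, per the rules described above."""
    if kind in ("trademark", "copyright"):
        return "web_host"   # registrars do not handle infringement claims
    if any(hostname == z or hostname.endswith("." + z) for z in DYNAMIC_DNS_ZONES):
        return "web_host"   # dynamic DNS will not drop a zone for one subdomain
    if kind in ("phishing_site", "phishing_email", "spam"):
        return "registrar"
    raise ValueError(f"unknown complaint kind: {kind}")

def build_email_evidence(raw_eml):
    """Collect what a registrar needs for a phishing-email complaint."""
    msg = message_from_string(raw_eml, policy=default)
    received = msg.get_all("Received", [])
    if not received or msg["From"] is None:
        # Forwarded copies often lose the original headers; ask for the raw message.
        raise ValueError("original headers missing; obtain the message as .eml")
    body = "" if msg.is_multipart() else msg.get_content()
    urls = re.findall(r"https?://[^\s<>\"']+", body)
    return {
        "sender_domain": msg["From"].addresses[0].domain,
        "received_hops": len(received),
        "urls": urls,
        # Each linked site is routed separately from the sending domain.
        "url_routes": {u: route_complaint("phishing_site", urlsplit(u).hostname) for u in urls},
        "full_headers": raw_eml.split("\n\n", 1)[0],
    }
```

For the sample message, the sending domain goes to its registrar with the full headers attached, while the linked page on the dynamic DNS subdomain is routed to the content host.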
Obviously, the longer a phishing website, deceptive social media profile, or unauthorized mobile app remains on the internet, the more of your customers can fall victim. And the damages go beyond just the direct fraud costs.
The costs of online brand impersonation attacks include:
Each of these costs increases with time. Expert takedown services from vendors like Allure Security can reduce mean-time-to-takedown to minutes or hours compared to weeks or months via other methods.
Are you learning of brand impersonation attacks targeting your brand mostly from customers? If so, it might be time to work on your strategy. When consumers fall victim to online fraud, 63% of them blame the brand – regardless of whether the brand did anything wrong. On top of that, 32% of victims will leave the brand altogether after a bad experience.
Fortunately, it is possible to get ahead of these scams and eradicate them before a single customer falls victim. It involves a combination of automating the continuous assessment of more digital assets on the internet, along with a seasoned team of takedown experts that can reduce takedown time to hours versus days.
Posted by Mitch W