Current Online Brand Impersonation Threats Bmoore November 6, 2024

RESOURCE

Current Online Brand Impersonation Threats

Scammers continuously evolve their techniques and approaches to try to stay one step ahead of getting caught. We continuously share with our customers the current online brand impersonation threats we see that could impact their online brand security. Throughout this section we will share what we are detecting with our technology, what we are fighting for our clients, and risks you need to be aware of as you protect your brand and your customers.
Red Alert Symbol 3D Illustration

Embedded Pages in Compromised Websites

Fraudsters are embedding phishing pages within the websites of financial institutions to deceive customers and steal their sensitive information. These tactics make phishing scams harder to detect as they are hosted on legitimate, compromised websites, which lends credibility to the attack.

This type of threat poses a significant risk to financial institutions, particularly credit unions, as it undermines customer trust and increases the likelihood of successful credential theft.

Learn More:

FTC: Half of Fraud Involves Brand Impersonation

How to Takedown Fraudulent Websites

Parked Domains

Parked domains—inactive or placeholder websites—pose a unique threat to brand protection, as cybercriminals often leverage them for phishing or scam campaigns.

Because these domains are active without page content, they can be used in a number of nefarious ways. Redirecting to malicious pages/content.

Eventually publishing malicious content on the domain itself (e.g., a phishing page)
Sending phishing emails from lookalike domains impersonating a brand.

Addressing and managing parked domains is essential for brands to protect their customers and maintain trust, preventing them from becoming entry points for fraud or deception.

Learn More:

How to Handle Parked Domains

 

Dynamic DNS Abuse

Cybercriminals are increasingly using dynamic DNS subdomains to conduct phishing attacks by exploiting flexible, frequently updated nature of dynamic DNS addresses to evade detection.

By using dynamic DNS, fraudsters can mask their phishing sites and create deceptive URLs that resemble legitimate ones, making it easier to lure victims into providing sensitive information.

This tactic presents a growing challenge for brand protection, as it complicates detection and takedown efforts, ultimately posing a higher risk for brands and their customers.

Learn More:

Fraudsters Abuse Dynamic DNS Subdomains For Phishing

Mobile App Fraud

Mobile app fraud is a growing threat where cybercriminals create fake or malicious apps that mimic legitimate brands, deceiving users into downloading them.

These fraudulent apps often aim to steal sensitive information, spread malware, or generate revenue through deceptive ads.

For brands, mobile app fraud not only damages customer trust but also leads to potential data breaches and brand reputation issues, making vigilant app monitoring and swift takedown actions crucial for online brand protection.

Learn More:

SharkBot Mobile Banking Trojan Embedded in Banking App

What is Mobile App Fraud

Zelle Fraud

Sideloading & Alternative App Stores Increasing Brand Risk

Social Media Impersonations

Social media impersonations come in the form of fake profiles, fake job listings, fake posts, and fake pages. Fraudsters impersonate both brands and higher-profile executives.

Using deception and familiarity, the idea is to lull victims into a false sense of security with the casual, familiar setting of social media. Impersonations on social media often lead to phishing websites, or are carried out on the social media platform itself.

Learn More:

LinkedIn Fakes: The Rise of Spoof Profiles

How to Protect Executives from Social Media Impersonation

How to Delete Fake X and Twitter Profiles and Posts

How to Delete Fake LinkedIn Profiles and Scams

How to Take Down Fake Instagram Threads Accounts

How to Delete Fake Facebook Accounts Impersonating Your Brand

Malvertising

Malvertising through search engine ads is a tactic where cybercriminals use paid ads to mimic legitimate brand links in search results, directing unsuspecting users to phishing sites.

This method allows fraudsters to intercept traffic intended for real brands and capture sensitive information from users who believe they are interacting with a trusted source.

Addressing malvertising is essential for brand protection, as it targets search engine users and poses a direct threat to customer security and brand reputation.

Learn More:

Google Ads as Phishing Hooks for Fraud

Fighting Search Engine Phishing: Malvertising and Bing Ads

 

Fraud-as-a-Service (FaaS)

The Fraud-as-a-Service storefront “Treyshop” provides cybercriminals with easy access to tools and data for carrying out fraudulent activities, including brand impersonation and identity theft.

This marketplace offers stolen credentials, phishing kits, and other resources, enabling even low-skilled attackers to launch sophisticated scams.

The emergence of such platforms lowers the barrier to entry for cyber fraud, escalating threats to brands by making it easier for criminals to impersonate them and deceive customers at scale.

Learn More:

Fraud as a Service Storefront: Treyshop

Phishing Kits

Cybercriminals are increasingly using phishing kits—prepackaged tools designed to replicate login pages and steal credentials—to target regional banks and credit unions.

These kits make it easier for attackers to launch widespread, sophisticated phishing campaigns that deceive customers into providing sensitive information.

This threat is particularly harmful to smaller financial institutions, as it exploits customer trust and increases the risk of unauthorized access to accounts, impacting both the security and reputation of these institutions.

Learn More:

Phishing Kits Targeting Regional Banks and Credit Unions

Fighting Search Engine Phishing: Malvertising and Bing Ads

Link Shortening

Threat actors are increasingly using obscure or self-made link shortener services to disguise phishing URLs and trick users into clicking malicious links.

These custom-shortened links are harder to detect as suspicious, allowing cybercriminals to evade traditional security filters and lead users to credential-harvesting sites.

This tactic poses a significant risk to brands, as it enables attackers to carry out phishing attacks with a higher likelihood of success, threatening both customer security and brand integrity.

Learn More:

Link Shortening Services for Credential Harvesting