Exclusive for FS-ISAC Members

Partner Offer

Exclusive for FS-ISAC Members

Add your brand to the exclusive FS-ISAC feed for website impersonations for free

Many financial services providers underestimate the growing threat of rogue mobile apps—until it’s too late. Fraudsters use third-party marketplaces to distribute cloned apps embedded with banking trojans or other malicious functionality, putting consumer data, funds, trust, and a brand’s reputation at risk.

What’s in it for FS-ISAC members:

Get alerted to websites making use of and potentially impersonating your brand amongst tens-of-millions of sites examined daily
View suspicious URLs, domains, and indicators related to website content that matches your brand
Findings will be included in a daily export available on the FS-ISAC Document Library

Frequently Asked Questions

Learn more about this exclusive offer for FS-ISAC members

What does Allure Security do?

Allure Security protects brands by finding and stopping online brand impersonation attacks before people fall victim. Our patented, artificial intelligence-powered engine finds more spoofed websites, social media accounts, and mobile apps more quickly and with greater accuracy than legacy approaches. Our unique, multi-pronged approach to response – blocklisting, decoy data, and takedown – significantly reduces the lifespan of a scam and the damage it can do.

How is Allure Security associated with FS-ISAC?

Allure Security is an FS-ISAC affiliate and provides the organization a continuously updated feed of websites using and potentially impersonating brands that Allure Security has identified as operating in the financial services industry. These efforts support FS-ISAC’s mission to disseminate threat information and analysis to members in order to protect the global financial system, participating financial institutions, and the people they serve.

How does the feed provided to FS-ISAC work?

Allure Security’s AI-powered engine examines tens-of-millions of digital assets each day (websites, social media posts, mobile app product pages, etc.). It does this by automatically rendering content in a browser. Then, it uses natural language processing and computer vision to evaluate content as a human would for signs of impersonation of any brands it’s trained to identify. The feed originated with alerts on an Allure Security-created list of more than 8,000 brands in the financial industry. The feed continues to evolve as we add brands and FS-ISAC members request that their brand be added to the source list.

How do I make sure my brand is on the monitored list?

It’s easy – just complete the form at the top of this page, or email Allure Security’s FS-ISAC ambassadors at fsisac@alluresecurity.com

How do I see web pages authorized to use my branding in the feed?

We’ve partnered with FS-ISAC to provide a regularly updated feed of web pages that:

Use the branding of an organization listed on an Allure Security-created list of 8,000+ financial services companies
Are not hosted on the one website or domain we’ve designated as “official” for those companies (though we realize a brand can have multiple “official websites”)

Membership rules don’t allow FS-ISAC to share a list of members or any information about owned or third-party websites authorized to use those members’ branding. So Allure Security doesn’t know for sure which brands are FS-ISAC members, or what’s legitimate use of those members’ brands.

As a result, the feed will occasionally include:

Web pages using the brands of companies that are not FS-ISAC members
Web pages from third-parties/partners authorized to use that branding

Because we have limited information, we expect that FS-ISAC members would need to review items in the feed related to their brand to determine whether they’re authorized. FS-ISAC members that sign up for our freemium service can inform us of other owned or third-party sites authorized to use their branding so that we don’t alert on associated web pages.

Our goal is to let FS-ISAC members know about web pages that use their branding and are not hosted on what we’ve designated as their official website so that they can take action if they choose.

What do I gain by registering for a free Allure Security account?

By opting into a free Allure Security account (requires 15-min onboarding call), you will receive:

Customized, real-time alerts via email and your account dashboard as soon as we detect a website using and potentially impersonating your brand (compared to having to sift through the daily FS-ISAC export)
Read-only access to a list of potentially harmful lookalike domains (typosquats, homoglyphs, etc.) and automated analysis of digital content published on those domains
Additional intelligence about suspicious domains – e.g., registrar, host, certificate information, screenshots, etc. – to aid in investigation/response

How is the FS-ISAC feed different from what Allure Security delivers to its customers?

FS-ISAC members that are not Allure Security customers receive only:

Limited, basic training data (e.g., logo, page title, brand name, favicon) provided to the machine learning algorithm.
Minimal training of the machine learning algorithm that investigates websites for impersonations of any brand on the feed-list.

Paying customers of Allure Security receive:

Additional training data provided to machine learning algorithm including multiple logos, marketing tags, text strings such as routing number, and more.
Continual model training and tuning resulting in more detection fidelity (i.e., generally resulting in more detections, as well as, fewer false positives).
Ability to monitor multiple domains/brands, upload suspected domains for monitoring, and authorize domains (so that they’re not alerted on).
Intuitive dashboard for drilling down into additional information about any brand impersonations.
Easy report generation to detail detections, mitigations, response statuses and more.
API access for feeding other security solutions with brand impersonation information to roll up into other logging and threat and risk reporting.
Uniquely effective three-pronged response service (blocklisting, decoy data, and takedown) and diligence resulting in significant reduction in time-to-takedown.
Expanded visibility by using Allure Security to protect their brand on social media platforms and mobile app marketplaces.

Why do I see my brand name listed in an entry for a malicious URL unrelated to my brand?

Sometimes you might see your brand name listed in a field in the spreadsheet but for a malicious URL for someone else’s brand/victim URL. Most common is seeing your brand name listed as a “Partial Pattern match” in the Page Title column. One indicator our detection engine looks for when analyzing a website is whether its page title matches that of any website we’re protecting. Many financial institutions use similar titles for web pages (e.g., including the word “Home” or “Business Banking”). Because you may use a page title similar to another financial institution, you might see your brand listed as a partial pattern match. Page title alone is not enough of an indicator to suggest a possible brand impersonation. So, you can pretty safely ignore these. If there were more indicators suggesting an impersonation of your brand in particular, we would report on that as a separate malicious URL with your domain in the Victim URL column.

What if I have a question not answered here?

Contact Allure Security’s FS-ISAC ambassadors at fsisac@alluresecurity.com

“Seeing Allure Security daily inputs for imposter sites to FS-ISAC – that is fantastic! Thanks…[It’s] a tremendous service.”

FS-ISAC Institutional Member

CISO | Leading Financial Services Firm