Eliminating the Precursor to Phishing and Fraud
A regional bank managing $30 billion in assets and serving the New York metropolitan area had experienced an increase in scams targeting its millions of customers. Fraudsters impersonated the bank’s brand online by cloning its websites, sending phishing e-mails directing the bank’s customers to malicious sites, and tricking victims into entering their credentials. With these stolen credentials, the fraudsters then took over customer accounts and stole their money.
The bank had implemented a domain monitoring system, however, customers still called the bank complaining of scams the systems missed. The bank’s cybersecurity and threat management team demanded a better way.
First, the team wanted increased visibility into online threats impersonating their brand and targeting their customers. Second, they wanted to identify these scam websites closer to their original creation to head off phishing and related fraud before it occurred.
The bank’s domain monitoring solution would identify some problematic websites months after they went live, which the director of cybersecurity described as “…useless to us.”
Spotting and Addressing Fake Sites in Hours vs. Months
The bank chose Allure Security’s AI-powered online brand impersonation as-a-service. The bank’s Director of Cybersecurity & Threat Management appreciated Allure Security’s ability to detect the scam website during early phases, prior to launch of the phishing campaign and before any customers fell victim.
They were now able to spot scams quickly and the Director described the thought process of a fraudster as follows, “Wow, I didn’t expect that to happen. They cut my operation off at the knees.”
Allure Security’s brand protection as-a-service with its web beacons take mere minutes to implement. As a result, the bank had immediate insight into the origins of brand impersonation attacks against their bank and users accessing their web content–whether authorized or unauthorized.
The Results
With the new technology and approach in place, the cybersecurity and threat management team felt confident they now had an edge on scammers targeting their customers and were no longer flying blind.
Overall, the team significantly reduced mean-time-to-detection of brand impersonation attacks (i.e., how long an impersonation is accessible before it’s discovered). This improved detection combined with transferring mitigation responsibilities to Allure Security’s expert Threat Research and Response team also significantly reduced mean-time-to-response (i.e., the time it takes to eliminate a threat once it is discovered)–in some cases reducing it from months to hours.
The new technology also enabled the team to identify and extinguish a network of fake websites used to execute a loan application scam that stole victims’ bank credentials and money. The team also found a scam website in an unexpected place, buried deep within a Vietnam coffee shop’s compromised website. Fortunately, the bank caught the scammer in Nigeria provisioning the fake website and prevented any customers from being directed to it. Without Allure Security’s detection and response capabilities, both of these scams would have gone unnoticed and unmitigated.