This article was originally published to DarkReading on February 3rd, 2023
Retailers, product creators, and service providers are increasingly having to deal with brand impersonation attacks. Mimecast’s “2022 State of Email Security Report” found that 90% of organizations experienced an impersonation attack over the previous 12 months. Further, the Mimecast “2021 State of Brand Protection Report” found that companies on the BrandZ Top 100 Most Valuable Global Brands 2020 list experienced a 381% rise in brand impersonation attacks over May and June of 2020 compared to before the pandemic. New domains suspected of brand impersonation also rose by 366%. These impersonation attacks include not only the typical phishing or malware attacks, but also fraud that sells or claims to sell products or services on behalf of the brand. These include fencing of stolen items, non-delivery scams, and counterfeit or grey market sales of product.
“[Brand impersonation] is a fraud problem and a security incident problem,” says Josh Shaul, CEO of Allure Security. “People are stealing from you, and you’re trying to prevent the theft.”
Experts recommend that CISOs take a systematic and multidisciplinary approach to this problem. The right approach will not only require technology like automated detection, but also security leadership in helping business stakeholders to harden the brand on a number of fronts.
Read the full article “What CISOs Can Do About Brand Impersonation Scam Sites” on the DarkReading website.