CSC Global - Domain name security and threat intelligence
With nearly 4 billion users and an associated economy of over $4 trillion, the Internet comprises a major ecosystem for businesses today. However, it also provides significant opportunities for criminals to take advantage of trusted brands for their own gain. There are a number of types of possible infringement, including trade in counterfeit goods, online fraud, digital piracy and other kinds of general brand abuse across a range of internet channels, which can have direct impact on the value of brands and the profitability of the associated organisations.
Many types of brand abuse (eg, domain name infringements, false affiliation claims, unauthorised use of logos or other intellectual property, negative customer comments and brand guideline non-compliance from legitimate affiliates and partners) are familiar to brand representatives responsible for marketing and branding. However, the range of possible infringements extends much further than this, into more sinister areas with significant security implications.
One obvious area of online abuse that can directly affect a company’s bottom line – by way of customer losses and damage to brand reputation – is cybercrime (eg, phishing). Research indicates that 65% of consumers would change suppliers following an experience of fraud or data breach. Currently 54% of businesses are only “somewhat confident” in their ability to detect fraudulent activity, although a 2018 study found that 9% of organisations say that their most disruptive case of fraud in the previous two years had caused losses of $5 million or more, causing damage to brand strength, business and regulator relations and employee morale.
Phishing activity, where infringers aim to steal log-in credentials or other types of personal information, is often perpetrated through fake websites. This highlights the need to track the registration of brand-specific third-party domain names and monitor for subsequent changes to website content. However, associated activity can also occur across other channels, including stand-alone websites, social media and spam emails – all of which must be considered if the problem is to be addressed comprehensively. Social media is a common channel for the creation of fake profiles that can be used for executive impersonation and subsequent money-transfer scams.
With regard to domain name abuse, even cases where no live site content is present can be significant, since domains can be used purely for their email functionality – that is, creating a convincing fake email address from which to send phishing emails – illustrating the requirement to analyse mail-exchange records and track spam email traffic in order to identify fraudulent communications. In addition, criminals typically take a multi-stage approach to online fraud, with stolen credentials often traded online, frequently via carding websites and forums or on the dark web. Monitoring these deeper areas of the Internet can provide early warning of compromised accounts or credit cards, making it possible to deactivate them before significant financial losses take place.
Beyond classic brand infringements, the online appearance of malicious software (malware) can also have significant security implications for brand owners. Types of malware can include key loggers that steal passwords and other confidential content, and ransomware that locks files and demands payment for their release. Malware is spread through visits to infected websites (eg, accessed via search engine results or sponsored ads) and opening infected attachments in emails. In many cases, the spread of malware involves the use by criminals of brand-related hooks, encouraging users (ie, customers or employees) to access the infected content. Malware can also open an organisation up to infiltration by hackers, though this can also arise as a result of employee social engineering or lax security policies. Hacking activity can damage an organisation in a number of different ways, including compromisation of sensitive customer records. At least nine high-profile cases, each involving access to more than 50 million sets of credentials, have been reported in the press since 2013. Cases of this nature can have significant direct financial implications, with the average cost to organisations of data breaches in 2018 estimated at over $5 million per incident.
Consequently, the implementation of a holistic brand protection programme should be a crucial requirement for brand owners, ensuring that responsibility for programme ownership – including budget provision – is shared across all relevant stakeholders. Online fraud and cybercrime go hand in hand with other types of infringement; to combat these risks, various departments (eg, marketing, legal and IT security) need to work together. All might have different objectives, yet their common goal should be to keep their organisation protected, secure and safely operating online at all times.