Brand Exploitation Is a Bigger Issue Than It Seems

A U.S.-based regional bank didn’t know that they had a brand exploitation problem until they started monitoring. The result: They were surprised when they found themselves identifying and neutralizing an average of 10-to-15 brand impersonation attempts every month. A small U.K. bank experienced similar results when it launched a brand monitoring program. 

Any one of those dozen-per-month brand impersonation exploits could have resulted in a ransomware attack, data compromise or a business email compromise (BEC) scam that hijacked legitimate payments.

Research Shows Online Brand Exploitation on the Rise 

Such brand impersonation attacks could have devastating consequences for a small or midsize business. Companies still working to establish their brand presence might find that illegitimate brand emails can thwart a growing brand’s image, poisoning the well just as hard-earned traction could be taking hold. But this non-trivial problem tends to scale with the notoriety of the brand. Mimecast’s The State of Brand Protection 2021 (SOBP) report shows that larger, established brands are more often the victim of brand impersonation. For example, tracking brand impersonation against the 100 brands deemed most valuable by the London-based Kantar Group, data showed a 381% increase in brand impersonations in the first half of 2020.

Of note, a larger company interviewed for the SOBP report discovered 300,000 fraudulent, brand-impersonating emails in one month. Looking closer at this brain-numbing number, the interviewee stated that, “Some pretended to be part of our procurement process to either defraud us or someone else in our procurement chain. We’ve even had members of the public say they’ve been offered a job with our company, but it turns out the fake job offers are money mules, part of criminal money laundering campaigns.” 

The shift to remote and hybrid work over the past year and a more mobile workforce has made the matter worse, as attacks rose and workers became more susceptible. More than half (51%) of respondents to The State of Email Security 2021 report (SOES) reported an increase in BEC attacks that exploited brand impersonation, and 63% reported an increase in phishing attacks that targeted their employees. SOES research also discovered that employees were clicking on unsafe URLs in emails three times more often than they were before the onset of the COVID pandemic. This is significant because it means that cybercriminals are getting more opportunities to worm their way into company systems.

Online Brand Exploitation Solutions

Avoiding business email compromise and phishing attacks that deceive recipients through brand impersonation tactics takes a combination of education and technology. Here’s a summary of the brand impersonation protection strategy laid out in the SOBP research:

• Increase security awareness training. The importance of teaching staff to be email savvy cannot be overstated. In the SOBP study’s comparison of Mimecast customers with and without awareness training, employees in organizations without training clicked on malicious links an average of 13.6 times more often! Awareness training teaches people to simply be wary of all emails and to think first before clicking on a link. It’s also useful for the IT team to follow a specific format and policies for their emails so that staff can know what to look for to make sure an email is real. And it’s important to have a way for staff to report suspicious emails.
• Collaborate with marketers. Cybersecurity teams should begin a productive, constructive partnership with brand marketers. While marketers build their brand, “security teams should be riding alongside and shooting down fraudulent websites as they pop up so that they don’t get in the way of marketers’ leads,” as one interviewee put it.
• Monitor to expose the problem. Time and again those interviewed for the SOBP report told stories about how surprised marketers and c-suite executives were when they reported results of brand monitoring pilot, or proof-of-concept, projects. Measuring the scope of the problem makes it clear that action must be taken.
• Engage third-party brand protection solutions. Because brand impersonation occurs largely outside a business’ own security perimeter, third-party protection services are essential. Frost & Sullivan research described in the SOBP report shows how Mimecast’s Brand Exploit Protect service, because it is solely focused on identifying and taking down malicious brand impersonation sites, can do it far more efficiently than most businesses can do on their own. Consequently, a medium-to-large-size business could save more than $1 million per year by hiring a third party instead of doing it themselves.
• Deploy DMARC. The Domain-based Message Authentication, Reporting and Conformance (DMARC) email authentication standard can be a potent ally to help companies fight brand exploitation. But it’s important to remember that DMARC can’t be simply switched on — it requires monitoring, strategic analysis and planning. And brands can use DMARC to both help others identify emails that impersonate their brands and to authenticate legitimate emails so that they don’t end up in a spam folder. 

The Bottom Line

With remote and hybrid employees clicking on so many more malicious links in emails as they were before the pandemic, the opportunity for companies to succumb to brand impersonation BEC and phishing attacks has grown dramatically. A combination of security awareness training and brand protection technologies can be deployed to mitigate these risks.