Online Brand Exploitation and Its Consequences

Brands have long been impersonated and exploited for malicious purposes. Today, that exploitation is increasingly occurring online, and it presents a highly complex cybersecurity issue that runs much deeper than counterfeit goods and stolen intellectual property. The internet is so vast and open—and the threat landscape changes so rapidly—that there are seemingly infinite opportunities for brands to be impersonated across the web. And it happens all the time. In the past year, In the past year, 81% of IT and IT security decision makers experienced email or web spoofing attacks—with an average of nine attacks each.[1]

Worse, the consequences of brand exploitation can be surprisingly far-reaching. Every time a brand is exploited for a cyberattack, it’s not just the brand that’s at risk. Malicious actors impersonate brands in order to attack their customers or other businesses and individuals. The victims of those attacks can face devastating consequences, from fraud to data breaches and ransomware attacks.

And yet, many brands have no idea they’re being exploited.

This is in part because traditional approaches to cybersecurity often don’t extend beyond the company’s perimeter. Online brand protection requires a multi-layered, proactive approach to effectively protect organizations and their stakeholders, combining technologies and techniques such as:

• Anti-email spoofing protocols like DMARC
• Advanced brand protection solutions that incorporate AI and machine learning
• Cybersecurity awareness training

What is Brand Exploitation?

Understanding the scope, complexity, and reality of brand exploitation is the first step in learning how to fight it. In the cybersecurity sphere, brand exploitation occurs when bad actors exploit a brand’s digital presence in order to trick unsuspecting victims. In other words, cyber attackers prey on human vulnerabilities and the intimate brand-stakeholder relationship to conduct fraud, drop malware, harvest credentials, or plant the seeds for data breaches and ransomware attacks.

Any digital touchpoint a brand uses to communicate with its customers, partners, clients, suppliers, and prospects is an open invitation for exploitation. This includes web domains, email domains, social media, apps, and more. What’s more, brand exploitation can affect any industry, and businesses of any size—finance, healthcare, government, non-profit organizations, the local rental car agency, a boutique clothing store with an online shop, you name it.

Many online brand exploitation attacks are conducted via email. A phishing email that appears to come from a well-known restaurant may offer an employee a free birthday lunch—but in reality, it deploys malware on their system. A message that spoofs the company’s email service provider may ask an employee to click a link that takes them to a web page designed to harvest their work credentials, compromising their work account and leaving their employer open to serious consequences.

How Brand Exploitation Attacks Work

A basic brand exploitation attack can be broken down into a few key steps:

1. Attacker identifies the brand to be exploited and the attack recipient. Brand exploitation attacks can happen to anyone and any brand at any time, but cyber criminals often take advantage of current events and trends to prey on peoples’ anxiety and desire for information. This was evident during the early stages of the COVID-19 pandemic, which saw a 30.3% increase in impersonation attacks[2]—and an 80% increase in unsafe clicks at companies that don’t use cybersecurity awareness training.[3]
2. The attacker delivers the brand exploitation attack. This could be a spoofed email domain, a copycat website that clones a legitimate website, a sham social media account, or even a mobile app. And it’s incredibly easy for bad actors to do. Without anti-spoofing protection such as a DMARC record, anyone can pretend to be somebody else in the “from” field of an email. There are no internet police to stop a bad actor from registering a copycat domain. And even the least tech-savvy bad actors can purchase cyberattack kits, which enable them to easily add malware-deploying lures to a spoofed domain.
3. The victim falls for the attack. Without proper cybersecurity awareness training, individuals may click a link or enter their log-in information to a malicious website that in turn helps the bad actors complete their attack. Attacks are often cleverly concealed, and victims may have no idea they’ve compromised themselves and their employers.

The Complex Consequences of Brand Exploitation

Brand exploitation attacks can damage not only the brand but also its customers or other recipients of the attack. The potential outcomes are diverse. Criminals might exploit a brand to phish for the recipient’s credentials, for example. The bad actors can either sell those credentials or use them to access the victim’s financial information, work email, or personal email, for instance. Ultimately, this can lead to malware deployment, takeover of internal accounts, data theft, or ransomware attacks—all because one victim was tricked by one email impersonating a brand they knew and trusted.

In other words, it’s not just the impersonated brand that faces costly consequences like reputation loss, tainted business relationships, legal fees, and clean-up and remediation costs. The recipients of the attacks—and their own organizations—are jeopardized, too.

Online Brand Protection Requires a Multi-Faceted Strategy

To fight brand exploitation, brands should consider utilizing a combination of several offensive and defense mechanisms that work together to weave a tight protective net. This includes:

• Email security like DMARC email authentication. DMARC (Domain-based Message Authentication Reporting and Conformance) can help brands identify unauthorized email senders and ensure only legitimate emails reach recipients. This can help prevent brand attacks before they can happen. DMARC can prevent bad actors from being able to exactly copy the brand’s domain, letter for letter, in email attacks. However, it doesn’t prevent them from using domain names that look similar—by changing a letter or two in the name, for example. Robust inbound email security solutions, however, can help prevent suspicious lookalikes from getting into your employees’ inboxes.
• Advanced online brand protection systems. These emerging systems use AI and machine learning to help brands actively monitor their digital touchpoints to hunt for, detect, and even take down malicious spoofing attempts. AI-based brand protection systems utilize specialized algorithms to monitor troves of web data faster than any human.
• Regular cybersecurity awareness training. Ninety-four percent of corporate data breaches involve human error.[4] Humans may be the weakest link when it comes to falling for brand exploitation attacks, but with proper cybersecurity awareness training, they can become an indispensable last line of defense. Awareness training has been shown to greatly improve peoples’ ability to detect such attacks and safeguard themselves and their employers.

The Bottom Line

The importance of digital brand-customer relationships, combined with the prevalence of phishing, means criminals have near-infinite opportunities to impersonate and exploit brands in websites, email addresses, mobile apps, and social media posts. These brand exploitation attacks can damage brands and attack recipients—and all it takes is one unsuspecting person to click on an unsafe link. Broad online brand protection strategies can help companies gain control of how they’re presented on the web, protecting themselves, their customers, and the public.

[1] State of Email Security Report, Mimecast 

[2]“Threat Intelligence Briefing: Surging Spam and Impersonation Attacks Drive Increasing Coronavirus Cyber Threats,” Mimecast Blog

[3] “Threat Intelligence Briefing: Security Awareness Training Helps Dramatically Reduces Unsafe Clicks Amid Surging Coronavirus Cyber Threats,” Mimecast Blog

[4] 2019 Data Breach Investigations Report, Verizon