Credential theft and revenue loss are cybercriminals’ goals when it comes to online brand spoofing, but a side effect is erosion of customer trust.

 Wesentliche Punkte:

  • Mimecast discovered a spoofed site for Check Point Software Technologies, a cybersecurity vendor.
  • Attackers look for ways to profit from spoofed sites in every industry of nearly every size, though many believe that only large companies, like Google, PayPal, Facebook and other well-known brands of the world, are regularly impersonated. On the contrary, cybersecurity vendors can be attacked with frequency and consistency.
  • As attackers impersonate what should be trusted brands – cybersecurity, of all things! – brand protection is paramount, and employees must become hypervigilant.

New research from Mimecast has uncovered a phishing attack against cybersecurity provider Check Point Software Technologies. The online domain spoofing was discovered as part of normal brand exploitation protection scans and flagged as suspicious. Mimecast notified Check Point of the site and it has since been taken down.

Check Point.png

Image: Check Point’s spoofed domain record in Brand Exploit Protect

According to Elad Tzur, brand protection director at Mimecast, the fraudulent, spoofed site was impersonating Check Point’s regional Indonesia official site, using their brand name and trademarks. “Moreover, the domain had active MX records that could be used for an email phishing attack to manipulate customers and users,” he noted.

It may seem counterintuitive that a cybersecurity vendor site would be spoofed; most are not household names, nor do they have massive customer bases for cybercriminals to exploit. But it’s no longer true that the largest brand names are the only ones with spoofed domains. In fact, we recently demonstrated that while attacks against the best-known internet brands continue unabated, the more sophisticated cybercriminals – with the assistance of cybercrime toolkits and a multitude of hacked web sites and DNS entries - have shifted to impersonating the online brands of lesser known firms. Mimecast is routinely, though not heavily, impersonated and these impersonation attacks are discovered and taken down by our own Brand Exploit Protection solution.

Are Security Sites Spoofed More Often?

This may prompt a new question: are cybersecurity vendors becoming more likely targets for web spoofing and brand impersonation? According to Tzur, it’s safe to say that all security companies are being attacked.

“Being a security vendor ourselves, we are seeing attempts to attack our brand every now and then,” Tzur said. “But when the attacker sees their efforts being detected and eliminated before the attack is launched, they usually start to look for some other potential victim.”

Another potential victim could be a similarly named company, since the attacker would’ve already registered the domain and put a bit of work into the impersonation effort. However, they could just as easily pivot and attack another cybersecurity vendor who may not be keeping a careful watch on newly registered, suspicious domains – another reason to keep brand safety top of mind.

Brand Impersonation Damage

Every brand that is being attacked by phishing attacks absorbs some kind of damage – it can be financial, or it can be an erosion of trust in your brand. Tzur notes that brand impersonation and brand exploitation can lead not only to credential theft, but also to revenue loss as a direct impact of the attack. The collateral damage is, of course, confidence in the brand.

The toll can be especially steep for cybersecurity companies who must battle these types of attacks.

Online brand trust is an age-old topic in marketing circles; customers and potential customers provide invaluable data to a company in exchange for a product or service, and CMOs and senior marketing leaders must protect it. But as cybercriminals began impersonating online brands, usually for credential theft to launch future, more serious attacks, it can become much more difficult for marketing professionals to get their arms around the problem.

Was lässt sich daraus schließen?

According to the State of Email Security 2020, brand trust is incredibly important; if your brand website is cloned and credentials were stolen as a result, then trust in your brand can be questioned or diminished. Even unsophisticated attackers can trick unsuspecting website visitors, which can unravel years’ worth of brand equity. if you’re unaware it’s happening, you can’t solve the problem.

In 50% of organizations, the CIO holds budget for email spoofing, exploitation and impersonation, followed by the CISO (42%), CFO (22%), CMO (8%), and legal/compliance (8%)[1]. This budget breakdown shows that some organizations are treating online brand protection as the cross-functional business issue that it is, instead of relegating it as an overly technical security matter.

With this in mind, it’s imperative that CMOs and CISOs partner with CFOs to manage corporate brand and protect against exploitation. CFOs are perhaps best suited to make decisions that keep their business stable and operationally healthy. Working in lockstep with the CMO, CISO and CIO, the CFO can guide risk management and budget management towards a balanced approach to brand and business protection.

[1] State of Email Security 2020, Mimecast

Sie wollen noch mehr Artikel wie diesen? Abonnieren Sie unseren Blog.

Erhalten Sie alle aktuellen Nachrichten, Tipps und Artikel direkt in Ihren Posteingang

Das könnte Ihnen auch gefallen:

Twitter-Hack unterstreicht Bedarf an Schulung des Sicherheitsbewusstseins

A social engineering attack enabled hack…

A social engineering attack enabled hackers to penetrate Twi… Read More >

Mercedes Cardona

von Mercedes Cardona

Mitwirkender Verfasser

Veröffentlicht 17. Juli 2020

Warum sich die E-Mail-Sicherheit nie zu verbessern scheint und was Sie dagegen tun können...

While security organizations spend billi…

While security organizations spend billions per year to impr… Read More >

Matthew Gardiner

von Matthew Gardiner

Principal Security Strategist

Posted Jun 15, 2020

Online-Markenmissbrauch und seine Folgen verstehen

Online brand exploitation is a very real…

Online brand exploitation is a very real—and complex&m… Read More >

Megan Doyle

von Megan Doyle

Mitwirkender Verfasser

Posted Jun 01, 2020