Small businesses may think they’re unlikely to suffer from online brand impersonation, but no company is immune to the threat.

Wesentliche Punkte:

  • Online brand impersonation is a widespread problem that can damage a company’s reputation and cause financial losses for its customers and other contacts.
  • Small businesses may think they’re too small for criminals to bother with, but that’s not true—and they may even be more vulnerable than larger companies.
  • Simple yet effective steps can help protect your brand—and your customers.

Online brand impersonation is a much more widespread problem than many people recognize. Every day, criminals impersonate big brands online, exploiting the trust in those brands to defraud users or trick them into revealing sensitive information. For example, criminals may send phishing emails that appear to be from a trusted brand like a bank or brand-name retailer. Those phishing emails ask recipients either to make a payment or to “confirm” their identity by revealing their Social Security number, account information, or password. Some of these fakes are easy to spot, because they’re riddled with spelling errors or awkward phrasing. Others look quite authentic. Either way, if consumers take the bait and lose money—or their identity—the victimized brand’s reputation will suffer, too. And phishing is only one form of online mischief that can harm businesses; fake websites (particularly if your web site accepts payments) and social media postings are other common methods.

Small Businesses Are Not Safe

If you have a small business, it may be tempting to think this is one problem you don’t have to worry about. After all, experts note that Microsoft, Apple, PayPal, Netflix and Bank of America are among the brands most likely to be impersonated.[1] But experts also caution that small businesses should not ignore the threat.[2] If you’re still not worried, here are some things to consider. First, spoofing attacks in general are increasing. Microsoft reported that phishing attacks jumped 250% in 2018 alone.[3] Second, experts note that small businesses are especially vulnerable because they often lack the security technology and programs that larger companies have in place.[4]

Finally, consider the cost to your small business and your customers. Last year, criminals impersonated a supplier’s brand in email messages in order to swindle small U.K. charity Red Kite Community Housing out of more than $1 million.[5] Such spoofing can damage your brand and reputation, even if customers (or potential customers) know that you aren’t directly responsible. Being duped by a phishing email certainly qualifies as a bad experience, and studies show that 63% of consumers will stop shopping somewhere after a single bad experience.[6] Spoofing can undermine your marketing, too, if it scares people away from opening your emails or visiting your Web site.

As a consumer, I can speak to that directly. A few years ago I was selling my house and hired a small, independent real estate firm with just a few agents. During the process, I got an email asking for some very specific financial information, including account numbers. Because I (foolishly) believed that the firm was so small the email must be legitimate, I responded. Big mistake! Although I knew the firm wasn’t responsible, our relationship suffered irreparable harm when the owner seemed unconcerned about the damage and took no steps to keep it from happening again.

A Multi-Pronged Approach Can Cut Your Risk

So, if we can agree that small businesses are indeed targets for brand impersonation and that the stakes are high, how can small businesses protect themselves?

Although experts caution that there is no single method of online brand protection,[7] and that no security steps are foolproof,[8] they also suggest that a combination of tactics can substantially reduce the threat:

  • Fortify your domain record. Today’s email protocols were largely developed during the Internet’s infancy, when security wasn’t a concern. That makes email spoofing remarkably easy. You can strengthen your online brand protection by changing your internet domain settings. Specifically, you can add three records—SPF, DKIM and DMARC—to your firm’s DNS information. Together, the three settings work to block fake emails that impersonate your business.
  • Communicate with your customers or clients. You want to take steps to stop fake emails from going out, but you also want to take steps to keep customers from opening them if you are attacked. Use your public-facing communication to do just that. For example, experts say you can include messages on your Web site and email to assure customers that you will never ask for passwords or other sensitive data via email. If you’re consistent in how you use your logo, colors and other elements of branding, it may make it easier for customers to spot a fake.[9]
  • Monitor your brand. There are a lot of good reasons to keep tabs on what’s being said about your brand online, and two of those reasons are to identify scam accounts and to spot posts falsely claiming to represent your business.[10] That said, the Internet is so vast that you can’t be everywhere. Fortunately, advanced brand protection technology using artificial intelligence is emerging. The technology can hunt for and shut down spoofed domains and Web sites.

Was lässt sich daraus schließen?

Online brand protection may not be a priority for small businesses, but with spoofing and phishing on the rise experts suggest that no business is safe. Fortunately, there are several relatively easy and effective steps you can take to protect your business—and your customers.

[1]Phishing: These Are the Companies that Hackers Impersonate When They Try to Steal Your Data,” ZDNet

[2]Spoofing Attacks: Everything You Need to Know,” Springboard

[3]  “Microsoft Security Intelligence Report Volume 24,” Microsoft

[4]Spoofing Attacks: Everything You Need to Know,” Springboard

[5]We’ve been cyber-conned,” Red Kite Community Housing

[6]How Much Damage Can One Bad Experience Cause a Brand?,” The Motley Fool

[7]Spoofing Attacks: Everything You Need to Know,” Springboard

[8] Phishing: These Are the Companies that Hackers Impersonate When They Try to Steal Your Data,” ZDNet

[9]Brand-Impersonation Fraud Is On the Rise and Can Hurt Your Business,” Business.com

[10]Brand-Impersonation Fraud Is On the Rise and Can Hurt Your Business,” Business.com

Sie wollen noch mehr Artikel wie diesen? Abonnieren Sie unseren Blog.

Erhalten Sie alle aktuellen Nachrichten, Tipps und Artikel direkt in Ihren Posteingang

Das könnte Ihnen auch gefallen:

Why DMARC is Essential for Online Brand Protection

DMARC helps stop bad actors delivering m…

DMARC helps stop bad actors delivering malicious emails that… Read More >

Megan Doyle

von Megan Doyle

Mitwirkender Verfasser

Posted Jun 15, 2020

Understanding Online Brand Exploitation and Its Consequences

Online brand exploitation is a very real…

Online brand exploitation is a very real—and complex&m… Read More >

Megan Doyle

von Megan Doyle

Mitwirkender Verfasser

Posted Jun 01, 2020

Shoring Up Brand Protections in the Age of Domain Spoofing

Cybercriminals leverage the trust and di…

Cybercriminals leverage the trust and digital reputations th… Read More >

Matthew Gardiner

von Matthew Gardiner

Principal Security Strategist

Posted May 19, 2020