The enterprise world is familiar with phishing, where you receive a message that is disguised to appear genuine to trick you into performing a harmful action. But hackers may be impersonating your brand to mislead your prospects, customers, vendors, and partners into performing similar harmful actions. Such brand impersonation/brand spoofing/brandjacking attacks can be carried out in various ways but the impact on your business is the same – loss of trust and erosion in brand value.
Why Hackers Impersonate Your Brand
It is easy to understand why hackers impersonate famous brands, such as large ecommerce companies, video streaming sites, or cloud service providers – we are all likely to have an account with them and therefore we are not surprised to receive a message from them. But these large organisations are also aware that hackers are impersonating their brands and implement measures to block the impersonation attempt quickly.
Smaller organisations may not have the widespread brand recognition of multinational giants, but they often occupy a niche within their industry and have built their brand the old-fashioned way – through product/service quality rather than marketing. This leads to smaller organisations often enjoying greater trust from their stakeholders. They also may not have the resources to be proactive in their defence against brand impersonation. The combination of these factors makes smaller organisations increasingly popular targets for brand impersonation/spoofing attacks.
How Hackers Impersonate Your Brand
Hackers may impersonate your brand through
- Typosquatting – The hacker creates a website with a domain name similar to your website to take advantage of users’ typos when entering the name of your website in their browser
- Fake Apps – The hacker creates an app on prominent app stores with a name and description that strongly resemble your app to mislead users into downloading and logging into the malicious app
- Fake Social Media Accounts – Creating a fake social media account with your business’s name is very easy and hackers can use this to build an audience for their malicious content
- Business Email Compromise (BEC) – The hacker compromises email accounts in your organisation to send malicious emails that the recipient will trust because the sending address is genuine; only the message is fraudulent
- Email Spoofing – The hacker sends forged emails that appear to be from you/your organisation to avoid raising suspicion, but are actually from a different sender/organisation
All these methods are used to spread misinformation, scams, malicious links, and malware. Irrespective of the hacker’s goals, the end-result for your organisation is a loss of reputation with other possible recovery costs and penalties as well.
How You Can Stop Hackers From Impersonating Your Brand
Attack-specific Measures
You can protect your business’s brand by taking specific measures against each attack method.
Typosquatting
Your organisation can go to court or file a complaint against a typosquatting domain through the Uniform Domain Name Dispute Resolution Policy (UDRP) Administrative Procedure. This will require frequent scanning for similar domain names to identify typosquatting. Alternatively, your organisation can register the domain names that are the most likely misspellings of your own, i.e., you typosquat on your own domain name to prevent others from acquiring such domains. Typosquatting is sometimes carried out to redirect traffic to your website through an affiliate link to earn a commission from you. While this may not harm your reputation, it will result in paying unearned commission, and the typosquatter may be tempted to undertake other activities on their domain which will harm your brand.
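The "most likely misspellings" above can be enumerated mechanically so that the list can be registered or checked on a schedule. The following is an added example written for this post, not K7's code; it assumes a US QWERTY layout and mutates only the registrable label of a constructed sample domain.

```python
# Added example: enumerate plausible typo variants of a domain so a defender can
# register them or include them in a periodic scan. Assumes a US QWERTY layout.
QWERTY_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]


def _neighbours(ch):
    """Keys physically adjacent to `ch` in the same keyboard row."""
    for row in QWERTY_ROWS:
        i = row.find(ch)
        if i != -1:
            return {row[j] for j in (i - 1, i + 1) if 0 <= j < len(row)}
    return set()


def typo_variants(domain):
    """Return sorted candidate misspellings of `domain` (label only, TLD kept).

    Covers the classes a hurried typist produces: an omitted character, a
    doubled character, two neighbouring characters transposed, and an
    adjacent-key substitution. The original domain is never in the result.
    """
    label, _, tld = domain.partition(".")
    variants = set()
    for i, ch in enumerate(label):
        # omission, e.g. "exmple"
        variants.add(label[:i] + label[i + 1:])
        # repetition, e.g. "exaample"
        variants.add(label[:i] + ch + label[i:])
        # transposition, e.g. "eaxmple"
        if i + 1 < len(label):
            variants.add(label[:i] + label[i + 1] + ch + label[i + 2:])
        # adjacent-key substitution, e.g. "exanple"
        for n in _neighbours(ch):
            variants.add(label[:i] + n + label[i + 1:])
    variants.discard(label)
    return sorted(v + "." + tld for v in variants if len(v) > 1)


if __name__ == "__main__":
    # Constructed sample domain; feed the output to your registrar or WHOIS checks.
    for candidate in typo_variants("example.com"):
        print(candidate)
```

Each candidate still has to be checked against WHOIS/DNS to see whether it is free to register or already held by someone else.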
Fake Apps/Fake Social Media Accounts
Fake apps can be reported via Apple’s App Store Content Dispute and Google’s Removing Content From Google page. Social media channels also have a reporting mechanism, usually in the account of each user/page, where you can report a fake account or page. This will again require frequent scanning to identify such fake apps and social media accounts. It is advisable to also create and maintain official social media accounts to prevent fake accounts from building an audience.
Business Email Compromise
Business Email Compromise (BEC) requires the theft of credentials to legitimate email accounts, typically through phishing or keyloggers. Effective enterprise cybersecurity, like K7 Endpoint Security, can block both phishing attempts and keyloggers. Endpoint security also helps avoid the takeover of official social media channels through credential theft.
Email Spoofing
Email spoofing relies on the lack of authentication in core email protocols. This can be mitigated through the implementation of email authentication measures such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC).
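Publishing SPF and DMARC records is only half the job: a record with `~all` or `p=none` still lets spoofed mail through. The check below is an added example, not code from K7 or the original post; the record strings are constructed samples, not live DNS data, and a real deployment would fetch the TXT records first.

```python
# Added example: flag SPF and DMARC settings that still permit spoofing.
# The sample records are constructed; replace them with the TXT records
# fetched for your own domain.


def check_spf(record):
    """Return findings for an SPF TXT record; an empty list means no weak setting."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record"]
    last = terms[-1].lower()
    if last in ("+all", "all"):
        return ["'+all' authorises every sender: the record is useless"]
    if last == "?all":
        return ["'?all' is neutral: unlisted senders are not rejected"]
    if last == "~all":
        return ["'~all' softfail: receivers may still deliver spoofed mail"]
    if last != "-all":
        return ["no terminal 'all' mechanism: unlisted senders pass"]
    return []


def check_dmarc(record):
    """Return findings for a DMARC TXT record; an empty list means no weak setting."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":  # RFC 7489: the version tag must match exactly
        return ["not a DMARC record"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none only monitors; spoofed mail is still delivered")
    elif policy not in ("quarantine", "reject"):
        findings.append("missing or invalid 'p' tag")
    if tags.get("pct", "100") != "100":
        findings.append("pct<100: policy applied to only part of the mail flow")
    if "rua" not in tags:
        findings.append("no 'rua' address: you receive no aggregate reports")
    return findings


# Constructed samples: a weak pair beside a hardened pair.
WEAK_SPF = "v=spf1 include:_spf.example.net ~all"
WEAK_DMARC = "v=DMARC1; p=none"
STRONG_SPF = "v=spf1 include:_spf.example.net -all"
STRONG_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; pct=100"
```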
General Measures
Cybersecurity Policy
A comprehensive cybersecurity policy is the basis of a strong defence against brand impersonation. Your organisation’s cybersecurity policy should lay down
- Password Hygiene – to enforce strong passwords, require multi-factor authentication where possible, and prevent password reuse/recycling, so that email and social media accounts cannot be taken over
- Deactivation of Unused Email Accounts – to avoid business email compromise of inactive email accounts of employees who have left the organisation
- Timely Domain Renewal – to prevent attackers from registering the official business website domain name when its registration expires, which will have far worse consequences than typosquatting
Communication to Stakeholders and Prospects
Frequent communication that links to the official website, apps, and social media handles directs current and prospective stakeholders to your official communication channels and prevents attackers from building an audience under your brand name with fake sites, apps, and social media accounts.
Employee Training
Cybersecurity training should be provided to employees to help them spot and stop phishing attacks that target the user rather than the device, teach them the basics of cyber hygiene, and give them a cybersecurity single point of contact (SPOC) with whom they can discuss cybersecurity concerns and report suspected incidents of brand impersonation.
K7 Security’s enterprise cybersecurity solutions protect businesses from the brand erosion and business reputation loss that result from phishing- and malware-based cyberattacks. Contact us to learn more about how we can help you avoid brand impersonation and preserve stakeholder trust.