Brand hijackers put e-tailers, customers at risk this Black Friday
On top of a challenging economic year, SA’s retailers and e-tailers now face an increased risk of costly brand damage at the hands of brand hijacking attacks this Black Friday and festive season.
This is the warning from Duane Nicol, cyber security specialist at Mimecast, who was speaking ahead of a Mimecast webinar on brand impersonation attacks.
These attacks can use legitimate businesses’ logos and registered trademarks for personal gain, or spoof legitimate businesses’ sites to launch phishing attacks or gather customer credentials and data, potentially causing risk to customers and serious reputational damage to the legitimate businesses.
“Retailers and e-commerce sites are facing the perfect storm at the moment,” says Nicol. “You now have more employees working from home, with a false sense of security around what they access, since they are using company devices. Our recent research showed that while 94% of respondents are aware that links in e-mail, on social media sites and on Web sites can potentially infect their devices, 50% still admitted to opening e-mails they thought were suspicious.
“In addition to this challenge, you also have retailers and e-commerce businesses trying to ramp up sales and generate excitement around Black Friday and festive season shopping. This is an excellent opportunity for criminals to create a ton of traffic to spoofed sites.”
Mimecast says the retail sector is a particularly attractive target for cyber criminals due to financial motivation, increased e-commerce activity in light of the pandemic, and the potential to steal data or credentials.
Nicol explains that spoofing a site is a relatively simple matter, and toolkits and tutorials on how to do so are widely available online. Brand impersonators typically use phishing attacks or social media posts to lead consumers to fake landing pages, often using limited-time incentives to encourage them to click through. “For many e-tailers, the first indication that their site has been spoofed is a social media storm slamming their brand,” says Nicol. Getting the fake site taken down could take weeks, or even months using traditional methods, he adds.
“Protocols such as DMARC, using tools like DMARC Analyzer, help organisations track the domains they own and quickly identify any attempts to use those domains for nefarious purposes via e-mail,” says Nicol.
Mimecast’s Brand Exploit Protect service helps brands proactively scan the open Web and detect attempts to spoof a legitimate brand. Using a combination of machine learning and quadrillions of targeted scans, it is able to identify even unknown attack patterns at an early stage, blocking compromised assets before they become live attacks.
“By working proactively, our takedown service takes just minutes or hours at most. It provides good integrations with most registrars globally; and our SOC analysts build comprehensive forensic documents fed via APIs directly to the registrars’ inboxes,” he says. “Because it is a pure cloud service, we can implement and generate the first report within days, and it is accessible to even small tier-four retailer sites.”
Mimecast, in partnership with ITWeb, will host a webinar outlining the brand exploitation risks facing retailers and their online customers, and how to mitigate them. For more information, and to register for this event, go to https://www.itweb.co.za/webinar/mimecast-safeguard-your-brand-from-cybercriminals/index.html