Brand Impersonation

Common types of brand impersonation attacks include:

• Service impersonation is a type of spear-phishing attack designed to impersonate a well-known company or commonly used business application. These attacks are often use as an entry point to harvest credentials and carry out account takeover. Service impersonation is also used to steal personally identifiable or otherwise sensitive information.
• Brand hijacking is a common form of phishing and impersonation technique used by hackers. It occurs when an attacker spoofs a company’s email domain to impersonate the organization or one of its employees.

In most brand-impersonation attacks, scammers use email to impersonate a trusted entity, such as a well-known company or a commonly used business application. Typically, attackers try to get recipients to give up account credentials or click on malicious links. Attackers often use domain-spoofing techniques or lookalike domains to make their impersonation attempts convincing.

Using carefully designed templates that impersonate top brands, cybercriminals may send an email claiming your account has been frozen and giving you a link to reset your password. Sometimes, these emails ask you to review your account or a document. If you click on the link provided, you’ll arrive at a phishing website; it looks legitimate, but it’s designed to harvest your login credentials. If you enter your username and password on the fake site, the crooks then gain access to your real account, and they can steal confidential data, conduct financial fraud, and launch more targeted attacks within your organization.

• Block attacks. Cybercriminals are adjusting their tactics to bypass email gateways and spam filters, so you need a solution in place that uses artificial intelligence to detect and block attacks of this type. Deploy technology that uses machine learning to analyze normal communication patterns within your organization, instead of relying solely on looking for malicious links or attachments. This allows the solution to spot anomalies that may indicate an attack.
• Educate users. Educate users about brand impersonation attacks by making it a part of security-awareness training. Make sure they can recognize these attacks, understand their fraudulent nature, and know how to report them. Use phishing simulation for emails, voicemail, and SMS to train users to identify cyberattacks, test the effectiveness of your training, and identify the users most vulnerable to attacks.
• Set up DMARC reporting and enforcement. You can get visibility into domain fraud using DMARC authentication to protect against domain spoofing and brand hijacking. DMARC reporting provides visibility into how your email domain is used, which in turn allows you to set up DMARC enforcement policies that will prevent spoofing of your domain.