- What Is Brand Impersonation?
- How Can Brands Protect Themselves and Their Customers?
According to the Google Transparency Report (2018), the number of phishing sites detected per week rose drastically from 3,800 in November 2007 to 49,696 in November 2017.
What is brand impersonation?
What are the motives of a hacker?
- Using the target’s login credentials to access financial details as well as initiate fund transfers,
- Stealing personal information like address or phone number to sell it to others, and
- Ruining the trust of a service provider’s customers by charging them with false dues.
How do hackers impersonate a brand?
Source Forgery
Links
A link’s visible text can show a genuine address such as https://genuinewebsite.com while its actual target is a different site. For example, a link displayed as https://support.google.com may point to http://passinest.com (a disabled phishing link).
In the above example, clicking on https://support.google.com will take the user to http://passinest.com. The source of the received email can be checked by the following steps:
- Open the received email without clicking on any link.
- Right-click anywhere in the email to see the options.
- Select the “Inspect” option to see the “Inspection View” of the email.
Lookalike Domains
A hacker is most likely to use fedexcare.com to fake the “FedEx Cares” website (fedexcares.com), which is an official FedEx website.
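Both tricks described above, a link whose visible text shows one address while its target is another, and a lookalike domain such as fedexcare.com or www.my-Telstra-com-au, can be checked mechanically before anyone clicks. The Python below is an added example for this article, not code from any vendor or tool; the sample email, the sender help@fedexcare.com and the 0.85 similarity threshold are constructed assumptions, and the brand’s real domain is supplied by the caller.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.policy import default
from urllib.parse import urlparse

# Constructed sample (hypothetical sender and links), modelled on the article's examples.
SAMPLE_EMAIL = """From: FedEx Cares <help@fedexcare.com>
Subject: Action required on your account
Content-Type: text/html

<p>Details: <a href="http://passinest.com/login">https://support.google.com</a></p>
<p>Help: <a href="https://fedexcares.com/help">FedEx Cares</a></p>
"""

# Captures href and visible text of each <a>; enough for the sample above,
# use a real HTML parser on production mail.
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def host_of(url):
    return (urlparse(url.strip()).hostname or "").lower()

def domain_verdict(host, official):
    """'official' for the brand domain or its subdomains; 'lookalike' for a
    one-letter edit (fedexcare.com) or dots swapped for hyphens
    (www.my-telstra-com-au); otherwise 'unrelated'."""
    if host == official or host.endswith("." + official):
        return "official"
    close = SequenceMatcher(None, host, official).ratio() > 0.85  # assumed threshold
    return "lookalike" if host.replace("-", ".") == official or close else "unrelated"

def find_red_flags(raw_email, official):
    msg = message_from_string(raw_email, policy=default)
    sender = msg["From"].addresses[0].domain.lower()
    verdict = domain_verdict(sender, official)
    flags = [] if verdict == "official" else [f"sender domain {sender}: {verdict} (expected {official})"]
    for href, text in ANCHOR.findall(msg.get_content()):
        target, shown = host_of(href), host_of(text)
        if shown and shown != target:  # text displays one URL, href goes elsewhere
            flags.append(f"link text shows {shown} but points to {target}")
        verdict = domain_verdict(target, official)
        if verdict != "official":
            flags.append(f"link host {target}: {verdict} (expected {official})")
    return flags

if __name__ == "__main__":
    for flag in find_red_flags(SAMPLE_EMAIL, "fedexcares.com"):
        print("RED FLAG:", flag)
```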
1. Netflix scam
Here is one such Netflix scam targeting its customers.
“We were unable to validate your billing information for the next billing cycle of your subscription,” the hoax email states. “We’ll suspend your membership if we do not receive a response from you within 48 hours.”
A recent Netflix email scam shows that hackers now also work on making the phishing site itself look legitimate, by serving it over HTTPS with a valid Transport Layer Security (TLS) certificate.
2. Bank of America phishing
Green flags:
- Bank of America’s logo and address
- Look-alike link
- Signature and reference
- Terms and conditions
Red flags:
- A sense of urgency
- Common salutation
- Warning of account suspension
- Fake link – hover over it to see the real destination
3. LinkedIn phishing
Green flags:
- Personalized email
- Genuine logo usage
- Unsubscribe option – similar to the original LinkedIn emails
Red flags:
- Irrelevant suggested connections
- A call to click a link to follow or message someone
- Non-LinkedIn links
- Not from the “messages-noreply@linkedin.com” sender address
- LinkedIn holds your professional identity, which can be used for IDENTITY FRAUD.
- Professionals often tie their LinkedIn ID to their business account, so LinkedIn phishing attacks can result in DATA BREACHES.
4. PayPal phishing
The PayPal logo, together with the sender address service@paypal.com, convinced many customers to click on the link to see the transaction details. The attached form asked for:
Personal information: name, street address, city, state, zip, country, phone number, mother’s maiden name, and date of birth.
Credit card information: name, number, expiration date, security code.
Green flags:
- PayPal logo
- PayPal email structure
- Use of regular PayPal email font
Red flags:
- A sense of urgency
- Asking to download an attachment
- Unauthorized access notification
- ‘PayPal’ written as ‘Paypal’ (some phishing emails)
- Asking to fill in an attached form
5. Google Docs phishing
1.2 million Gmail users were affected by this attack. Here is an official statement from Google on this attack.
Official statement: “We realize people are concerned about their Google accounts, and we’re now able to give a fuller explanation after further investigation. We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1 percent of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There are no further action users need to take regarding this event; users who want to review third-party apps connected to their account can visit Google Security Checkup”.
Green flags:
- Google logo
- Use of similar email structure
- Specific salutation
Red flags:
- Immediate action
- Asking for access permissions
6. Amazon phishing
Green flags:
- Amazon logo used along with the order description
- Use of regular Amazon email structure
Red flags:
- Immediate action
- A sense of urgency
7. Telstra phishing
This attack was so sophisticated that it was difficult to differentiate between the original and fake Telstra Email Bill.
Red flags:
- Recipient’s Telstra account number missing from the subject line
- Common salutation: ‘Dear Customer’
- Hackers used “www.my-Telstra-com-au” to fake the real site “www.my.telstra.com.au”
Information the fake site asked for:
- Credit card information
- Billing address
- Date of birth, driver’s license number, and mother’s maiden name
8. Facebook phishing
Now the question is: “Is it that easy to create a fake Facebook login page?” The answer is YES! If you search ‘Facebook phishing page’ on Google, you will get the following results:
9. Wells Fargo phishing
Wells Fargo is an American bank with over 70 million accounts. Recently, people were targeted with a Wells Fargo phishing email that said, “We have Updated Your Contact Information.”
Red flags:
- Account number missing from the subject line
- Use of a common salutation instead of addressing the customer by name
- The changes were not displayed in the email. Instead, the attackers asked the customers to log in to their account to view the changes
Information at risk:
- Customer login credentials
- Transaction details
- Personal details
10. Apple phishing
For Apple users, all of their data is stored in their iCloud account by default. Scammers sent threatening Apple phishing emails to Apple customers warning them that their account would be suspended.
Red flags:
- Apple ID is not mentioned in the email
- A sense of urgency
- Call to action that leads to a phishing page
- Apple support link is not embedded in the email
11. Dropbox phishing
Green flags:
- Email from “no-reply@dropbox.com”
- Dropbox logo
- File name with sender details
- Dropbox team signature
Red flags:
- Dropbox text icon
- No file details
- No file owner details
- Link to access the file
12. Yahoo scam
For example, in the image given below, you can see a “Yahoo Account Disabled” email.
Red flags:
- The email is addressed to 50 recipients
- There is a warning to delete the account along with emails, contacts, and other data
- The “Sign in and verify it” link points to a phishing site
Remember: Your bank, credit card company, or email service provider will never loop you into a group email. They will only communicate with you through personal email.
13. Microsoft phishing
“Your password reset is in process and your current password will be disabled shortly the password reset link will be forwarded to the new optional email submitted”.
14. Chase fraud
JPMorgan Chase is a well-established American investment bank and financial services company. In a recent cyber attack, scammers targeted Chase customers with an email that read:
“Many of our banking improvements are inspired by customers’ requests.”
15. Comcast scam
In this Comcast phishing email, the “Unlock” link redirects subscribers to a malicious site that mimics the Comcast (Xfinity) login page in order to collect user credentials.
16. AT&T phishing
“Dear Valued Customer You are advised to verify and re-confirm your AT&T online account to enable us upgrade your account. Any AT&T member who fails to respond or upgrade his or her account will automatically loose the AT&T account. Response to this urgent mail would enable us to upgrade our data system for your security. To verify that your account is valid and active, simply click on the link below: Click here to verify your account now.”
Red flags:
- Bad grammar
- Common salutation: “Dear Valued Customer”
How can brands protect themselves and their customers?
“Hacking of customer data could cause 80% of consumers to abandon your brand”
Moreover, it also damages market reputation, directly impacting brand equity.
Understanding brand impersonation
Secure internal process
- Restricting database access to authorized users/employees only. This reduces the chances of exposure to brand impersonation attacks,
- Creating awareness among the employees handling customer data. They should be aware of confidentiality requirements and the risks of a data breach,
- Identifying and reporting brand impersonation emails,
- Encrypting sensitive information when it is transmitted electronically over networks or stored online. Encryption is always the safer way to transmit and store data, and
- Implementing anti-phishing software solutions.
Customer/Employee awareness
1. When something seems too good to be true, always suspect it.
2. Social media has its own way of marking ‘verified’ brands. Communicate with ‘verified’ brands only.
3. Look for grammatical mistakes. Fraudsters are really not good with grammar.
- No online service provider will ever ask you to provide your username, password, credit card number, full name, bank account number, etc. through email.
- Genuine emails will not contain embedded links, and they will never ask users to fill in information on forms.
- They will never ask the user to download software from other sites or to go to sites other than the known business site.
- You should always visit the website by typing the address directly into the browser.
- You should be suspicious of any email that urgently requests your personal information.