Cybercriminals can exploit your company’s brand name to promote dubious goods and services, prey on your customers, partners, and employees, or steal personal data. Learn how to protect your company’s reputation from illegally using brand names online.
When a brand becomes well known, it can be exploited by cybercriminals. They can hide behind the brand name to promote some dubious quality goods and services or prey on the brand’s clients, partners, or employees. The latter – including the information security department – often don’t know of the existence of malicious brand clones until their actions lead to a stream of emails to customer support or a scandal on social networks. Such incidents negatively affect the brand’s reputation. Three types of internet doppelgangers are the most common.
Fake apps in stores
Today, almost every business has its app for convenient customer access to online services – sometimes more than one. Users who search for an app in an online store get more than one result. While most users will download the most popular option (which usually is the authentic one), it’s likely that some will fall for the scammers’ trick and install a fake app – especially if they receive a direct link to it. Such a malicious app can hide anything – from a banking Trojan to a remote access tool to the user’s mobile device. Kaspersky experts recently found several modified versions of popular instant-messenger apps on Google Play containing spyware code.
Fake social media accounts
Social media accounts posing as relating to a certain brand can be used by criminals in various schemes. They are often used to spread false information – to promote some semi-legal (online casinos) or outright fraudulent activities (giveaways for all kinds of prizes, tickets or bitcoins) supposedly affiliated with a certain corporate brand. However, a fake account can also distribute malicious or phishing links or serve as a platform for more sophisticated social engineering attacks.
Phishing sites
If a company’s website has a member area for clients, partners or employees, the personal credentials to these accounts are of interest to attackers. At some point, attackers will try to imitate such a website to harvest logins and passwords – at least to resell this information to other cybercriminals.
How to protect a company’s reputation from copy-cats?
In most cases, illegal schemes involving imitation of a website, an app, or a social media account are targeted at someone else (individuals or business users). However, the reputation of the brand that is being maliciously imitated suffers. Therefore, such brand twins should be identified and eliminated before they cause significant damage.
We’ve updated the Kaspersky Digital Footprint Intelligence service to share our expertise on this matter and help companies quickly detect their brand twins.
Kaspersky Digital Footprint Intelligence is designed to enable customers to monitor their digital footprint and identify potential associated risks and vulnerabilities. Some time ago, its functionality was supplemented with monitoring for phishing sites that use brand names or were registered using typosquatting and combosquatting and a domain takedown service.