The deep-rooted problem of online fraud for marketers
Targeted fraud that hijacks trusted brands has been a long-time challenge for financial services companies. More recently, fraudsters have been focusing their efforts on new industries such as software as a service (SaaS) vendors or companies with cloud-based offerings, telecoms, retail and internet brands.
In the last couple of years, there has been a 400% increase on phishing attacks in non-financial industries. In the UK alone, phishing attacks increased by 21% in 2015, with an estimated cost of £174.4m to consumers.
If we look at the online fraud landscape today, there is a tangled web of potential threats, including phishing, business email spoofing scams and malware. While phishing has been around for more than 15 years and is effectively the ‘grandfather’ of all scams, the methods are continuously evolving.
Not only are a wider range of industries being attacked, common targets now include file-sharing services residing on the cloud.
The Deep Web
It is not only the surface web or indexed sites that brands need to worry about. Increasingly, mitigating these risks is also harder to do as cyber criminals are making more use of the Deep Web — the vast majority (96%) of the Internet comprising unindexed content, such as webmail pages, company intranets and pages behind paywalls.
The Deep Web includes the Dark Web, a series of visible sites with hidden IP addresses that allow criminals to act anonymously.
The severity, scope and changing nature of cybercrime highlights the importance of protecting and proactively defending an organisation. As with facing many types of threats, preparation is key to preventing attacks.
Cyberattacks on organisations across a wider number of sectors continue to surge
This can be accomplished by setting up early warning systems that advise of new domain registrations using terms that are misleadingly similar to the genuine brand, thus limiting the impact on customers.
Organisations can use intelligence and proactive monitoring of key sources to detect instances of phishing and malware across email and other digital channels. This can include shutting down or restricting access to phishing sites.
It can also include partnering with anti-fraud vendors who share phishing alerts with other stakeholders, including ISPs, browsers, security vendors and email providers to assist in blocking malicious sites at the Internet gateway.
However, measuring and mitigating cybercrime risk is getting increasingly complex.
How do you protect your brand?
Many organisations tend to focus their brand protection and anti-fraud strategies on monitoring and enforcing against abuse on the surface web — ignoring the unindexed and hidden regions of the Internet. With the number of methods and threats steadily increasing, understanding the level of activity in these hidden areas is just as important.
As a result, solutions have been developed that use leading-edge technology to detect, analyse, mitigate and also provide near real-time alerts for a more comprehensive approach to anti-fraud.
Conventional threat analysis requires security experts to scour multiple platforms and manually identify threats.
There are solutions on the market that use automated processes to monitor and identify threats and deliver insight into specific threat activity. Leveraging smart robot technology, these solutions mimics human behaviour to interact with cybercriminals and infiltrate their networks.
Cyberattacks on organisations across a wider number of sectors continue to surge, putting proprietary corporate information, trade secrets and employee access credentials at risk.
Brands need to be aware of all threats to their IP and leverage every available tool to monitor, detect and protect their organisations and gain a better understanding of the real risk of fraud.