Crooks exploit brands to target clients

Tech Reporter

South African organisations are growing wary of criminals exploiting their brands to target their customers, partners or the general public.

  According to the latest Mimecast State of Email Security Report, 84% of South African organisations are concerned about web domain, brand exploitation or site spoofing attacks.

  Cybersecurity expert at Mimecast Mikey Molfessis says cybercriminals are acutely aware of the ease with which they can register lookalike domains, and launch sophisticated attacks impersonating trusted brands that are nearly indistinguishable from the real thing.

  “It has become common for malicious actors to use our favourite retailers or other loved brands and services, to trick people into handing over money or sensitive information. And it is becoming harder for these brands to continue to avoid responsibility,” Molfessis says. 

  He adds that local concerns outweigh global averages, with 43% of local organisations admitting they are very concerned about an attack that directly spoofs their email domain, compared to a global average of 37%.

  The report also found that chief information officers (CIOs) and chief information security officers (CISOs) are most likely to control the budget for securing the organisation’s corporate brand from web or email spoofing or other forms of exploitation and impersonation.

  “There is an argument to be made for the chief marketing officer to take ownership of this budget, since they are typically responsible for their brand’s reputation, but our research revealed this is the case at only 10% of South African organisations,” says Molfessis.

  He adds that considering that nearly four in 10 South African organisations expect the volume of web or email spoofing attacks to increase in the next 12 months, it makes sense to have a dedicated senior resource looking after the organisation’s online brand integrity.

  “Worryingly, 16% of organisations we surveyed didn’t even know if a web or email spoofing attack had used their domains or lookalike domains. This could have devastating effects on the organisation’s brand and reputation if left unchecked,” Molfessis adds.

Leave a Reply

Your email address will not be published. Required fields are marked *