When a brand becomes well known, it can be exploited by cybercriminals. They can hide behind the brand name in order to promote some dubious quality goods and services, or they can prey on the brand’s clients, partners, or employees.
The latter – including the information security department – often don’t know of the existence of malicious brand clones until their actions lead to a stream of emails to customer support, or a scandal on social networks. Such incidents negatively affect the brand’s reputation.
Three types of Internet-doppelgangers are the most common.
Fake apps in stores
Today almost every business has its own app for convenient customer access to online services – sometimes more than one.
When a user searches for an app in an online store they get more than one result. While most users will download the most popular option (which usually is the authentic one), it’s likely that some will fall for the scammers’ trick and install a fake app – especially if they receive a direct link to it.
Such a malicious app can hide anything – from a banking Trojan to a remote access tool to the user’s mobile device.
Kaspersky experts recently found several modified versions of popular instant-messenger apps on Google Play containing spyware code.
Fake social media accounts
Social media accounts posing as relating to a certain brand can be used by criminals in a variety of different schemes.
They are often used to spread false information – to promote some semi-legal (online casinos) or outright fraudulent activities (giveaways for all kinds of prizes, tickets or bitcoins) supposedly affiliated with a certain corporate brand. However, a fake account can also distribute malicious or phishing links, or serve as a platform for more sophisticated social engineering attacks.
Phishing sites
If a company’s website has a member area for clients, partners or employees, the personal credentials to these accounts are of interest to attackers.
At some point attackers will try to imitate such a website in order to harvest logins and passwords – at least in order to resell this information to other cybercriminals.
How to protect a company’s reputation from copy-cats?
In the vast majority of cases, the illegal schemes involving imitation of a website, an app, or a social media account are targeted at someone else (individuals or business users). However, it’s the reputation of the brand that is being maliciously imitated that suffers.
Therefore, such brand twins should be identified and eliminated before they cause significant damage.
To share our expertise on this matter and help companies to timely detect their brand twins we’ve updated Kaspersky Digital Footprint Intelligence service.
Kaspersky Digital Footprint Intelligence is designed to enable customers to monitor their digital footprint and identify potential risks and vulnerabilities associated with it.
Some time ago, its functionality was supplemented with monitoring for phishing sites that use brand names or were registered using typosquatting and combosquatting, as well as with a domain takedown service.
Also, to tackle brand clone, the service also allows to track, identify, and take down accounts on social networks and applications in stores that are illegally using a company’s name.
