Trust resides at the heart of every relationship between an organization and its end users. Many customers choose which company they do business with purely based on its perceived trustworthiness and integrity. It is a universal consumer need independent of age, income, country, and gender. If organizations do not build trust, customers won’t buy from them.
In the online world, trust has become much more complex. How can a customer trust an organization without traditional face-to-face interactions? This has necessitated the definition of a new concept, “Digital Trust.” Digital Trust is a framework made of many different components. It measures the confidence in the integrity of interactions and transactions between a customer and an organization.
When an organization invests in creating an online brand, its reputation is one of the most critical factors to its success. To maintain its reputation, it will invest heavily in digital trust efforts that ensure the business’s longevity. Organizations with a good Digital Trust brand reputation will retain their customers and grow their audience. As a result, organizations have been spending billions of dollars bolstering their security arsenal to achieve better and more consistent Digital Trust.
Brand Impersonation Damages Digital Trust
As more businesses move online and conduct transactions digitally, the gates open for new cyberattacks on digital organizations. One of the most prevalent, elusive, and damaging cyberattack methods is brand impersonation.
While it may seem self-explanatory, brand impersonation attacks can take many forms. Attackers can clone or spoof an organization’s website, creating fake but identical-looking payment pages to trick customers into handing money to them. Attackers even create identical-looking fake storefronts that sell counterfeit goods. The phenomenon is so prevalent that in a single quarter of 2022, phishing and brand impersonation attacks exceeded one million (APWG).
Each successful brand impersonation attack causes damage to the affected customer, which needs to be investigated and remedied. The damage also extends to the organization when such attacks are made public because they erode the brand’s “trust value” and the return on the organization’s investments in digital trust. Studies have shown that, on average, 44% of customers have stopped transacting with a company due to a lack of trust resulting from these attacks (PwC).
Because these attacks happen on the customer side, outside the organization’s security perimeter, organizations only find out that they suffered a brand impersonation attack after the fact, through customer complaints or by seeing the damage reported in media posts.
Then, it falls to the business teams to investigate and remedy the fallout by paying out refunds and addressing incoming customer complaints. The fraud team will need to verify whether the customer complaints are from legitimate sources and address them. CISOs will face the challenge of investigating an attack that takes place outside their current security perimeter.
Why do existing approaches fall short?
The issue with the current market approach to brand impersonation protection is that it is limited to scanning for suspicious domains that could be used as attack platforms. While this can be effective when the platform is discovered before the attack is launched, attackers usually launch attacks from such domains quickly and then move on to new ones.
At the same time, the takedown process consists of the organization having to file with the domain registrar to prove the site is an actual phishing site and request a takedown. All of this can take days or weeks; by then, it is just too late to prevent damage. Additionally, such solutions do nothing to discover attack URLs with meaningless names and can also bring false positives. This is too little, too late and still leaves a wide margin for criminal operation.
Another protection approach aims to stop email messages, which are the prevalent method of luring users into impostor-site traps. However, such solutions can only be applied to employees, which does nothing to protect the end users: customers, prospects, and partners.
Given this lack of an effective solution for such attacks, customers are constantly being educated about the threats to their online activity. However, they are not known to read or implement the complex steps required to stay safe online.
The result is “Phishing Fear Syndrome,” in which consumers instinctively fear that their personal and/or financial information will be compromised because they cannot trust that the sites they visit are authentic. They simply choose not to engage digitally with the organization at all. For example, 76% of respondents to a survey in the UK said they want to see organizations taking proactive steps to protect them online rather than investing in educational campaigns or communications (CSO).
Organizations often implement MFA as a key component of their security arsenal to verify user authenticity. However, we are seeing increasingly sophisticated cyberattacks that bypass MFA, such as man-in-the-middle and “short-lived domains,” which are fake domains that stay live for no more than a couple of hours.
How to achieve and maintain digital trust?
For organizations to be able to protect their investment in Digital Trust and further bolster it, their security arsenal should include the following characteristics:
- Real-time visibility of brand impersonation attacks as they are being planned and carried out. The security team must be immediately aware of:
  - Cybercriminals investigating the organization ahead of an impersonation attack
  - Actual attacks on customers
- Full visibility of the affected end users, the scope of the damage, and data about the impostors. This information is critical to the business, fraud, and information security teams.
- Proactive damage prevention:
  - Alerts to end users that keep them from falling for impersonating sites
- A way for organizations to go beyond detecting and stopping attacks and “mark” their authentic digital presence so that customers can tell authentic sites from fake ones.
To be effective, solutions offering such features should have the following characteristics:
- Be easily consumed by and affordable for organizations of any size.
- Be automatic and transparent for end users, not requiring them to install or register to be protected.
- Be easy to implement and manage by IT and security teams, and also serve the visibility and response needs of fraud and business teams.
- Be independent of but compatible with existing cyber solutions, chiefly SIEMs.
- Be able to identify and stop existing, new, and emerging threats.
Closing the trust gap with Proof of Source Authenticity (PoSA™)
The digitization of our economies has forced a fundamental shift in how organizations, their customers, and other end users interact and transact with each other. Therefore, a new approach is needed that addresses the needs of all of them.
MEMCYCO’s PoSA™ is the world’s first agentless security solution that enables businesses to provide security against brand impersonation attacks to their customers outside the organization’s perimeter. It requires no installation or registration by the end user. It is straightforward to install on the organization’s websites, so it is consumable by organizations of all sizes.
It provides attack monitoring and reporting, and goes beyond that to offer customer-facing Proof of Authenticity via an alert system that stops users from entering fake sites. A unique, unforgeable digital brand watermark gives users the means to verify that they are on the brand’s authentic site.
PoSA™ is a solution that thoroughly protects organizations’ investments in digital trust, helps increase their bottom line, and at the same time, proactively protects end-users’ digital assets and transactions. Read more about PoSA™ here.
Eyal is head of demand generation at Memcyco