Will the Real Donald J. Trump Please Stand Up?

Posted by Peter Dylan

Thu, Jan 28, 2016


As part of the BrandProtect 2016 Elections Project, we’ve been looking at The Donald’s use of Twitter. 

Or, more accurately, we’ve been looking at how others have been using Donald Trump's identity to promote their twitter activity.  There are lots of them.....

 

Read More

Topics: cybersquatting, online identity, twitter, brandprotect, cyber threats, Donald Trump, 2016 Elections

191 Million Voter Records Have Been Exposed. What Does it Mean To You?

Posted by Greg Mancusi-Ungaro

Fri, Jan 08, 2016

 

Over the past weeks there has been a lot of reporting, including these great pieces by Steve Ragan at CSOonline.com and Mathew J. Schwartz at BankInfoSecurity.com about a December 20, 2015 discovery that a database containing 191 Million voter records had been exposed online. As part of the BrandProtect 2016 Elections Project, we dug into the situation, and what it means to you.

Because of the nature of the exposure – effectively a database containing the records was left unlocked and unprotected – there is no way to know who might has downloaded the information.

Make no mistake, this is a big number. And it is an important number.  Consider this: the US Census Bureau estimated that there were approximately142 Million registered voters in 2014. This means that the recent exposure of 191 million voting records is not just a large data breach.  It’s a national issue -- effectively every registered voter in America has had their PII exposed... Wow...

Read More

Topics: Identity Theft, data breach, Social Media Monitoring, cybercrime, social media, online risk, PII, Spear Phishing, Voting Records, 2016 Elections

Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence.  Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

Viewpost Chooses BrandProtect

Posted by Greg Mancusi-Ungaro

Wed, Dec 02, 2015

Viewpost® Selects BrandProtect™ to Secure Complex Attack Surface

Payments Marketplace Provider Required a Solution With Round-the-Clock Threat Monitoring and Mitigation to Protect Its Customer Information From Beyond the Perimeter Attacks

Read More

Topics: Malware, mobile app monitoring, Security, Social Media Monitoring, Phishing, webinar, SMART, brandSMART, bankSMART, threatSMART

ThreatAlert: Wildcard DNS Attack Spike

Posted by Dylan Sachs

Mon, Oct 19, 2015

BrandProtect has recently observed a spike in activity for one of its customers; a large, NA-based financial institution with global presence.  These attacks employ a “wildcard” DNS entry – eg. *.domain.com – and simple scripting to create hundreds of unique URLs, thereby circumventing exact-match antispam rules, and increasing the likelihood of phishing lure delivery. 

Read More

Topics: cyber threats

What Should CISOs Learn from Ashley Madison?

Posted by Greg Mancusi-Ungaro

Wed, Sep 02, 2015

This month the BrandProtect Executive Threat Brief focused on lessons that individuals can learn from Ashley Madison. It is likely that the Ashley Madison breach will be remembered as one of the most notorious and high-profile breaches ever. Why? Because the exposed data was more than just personally embrassing, it was, in many cases, relationship-changing, employment-threatening, and business damaging.

5 Key Take-Aways

1) Ashley Madison is Bad for Your Business
Many companies saw their name dragged through the dirt as scores of corporate email addresses surfaced among the millions of exposed Ashley Madison accounts. Deserved, or undeserved, it is never good when your company is dragged through the dirt. And when key executives and other corporate leaders are caught up in the story, it can be very bad for business.

Read More

When You Can’t Trust Criminals on the Deep Web, Who Can You Trust?!

Posted by Jeff Daisley

Fri, Jul 31, 2015

During my morning news scan, I came across some interesting articles surrounding the recent Hell Tor deep web cybercrime forum.  And in particular, discussion about the associated text file that contained more than 23,000 records that “appeared” to be a user database populated exclusively by user accounts with dot-gov email from the Office of Personnel Management (OPM). After a close review of the file, experts stated that these records -- made available as a teaser and/or as “proof” that the hackers had compromised the agency --  were not from the OPM,  instead they were a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.

Read More

Topics: scam, hackers, cyber threats, OPM Breach, deep web, pastebin

CyberAttack Exposes IRS Tax Returns

Posted by Greg Mancusi-Ungaro

Wed, May 27, 2015

irs-phish

Just a month ago, I wrote about an emerging critical cyber threat trend -- attacks centered on health care providers and health insurance systems.  These schemes are very lucrative for thieves because the loot, electonic health records, contains everything needed -- social security numbers, known addresses, phone numbers, relatives, payment preferences -- to create duplicate identities for individuals.  Just add the photo.

Read More

Topics: Security, data breach, hackers, security breach, cybercrime, cyber threats, impersonation, PII, Health Care

Free White Paper

BrandProtect 
2016 Cybersecurity Predictions

Trends, Opportunities, Strategies, for CISOs, and Security Executives

Download the 2016 Predictions  

Subscribe to receive our latest posts in your inbox

Posts by Topic

see all