Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence.  Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

Do you know who is viewing your LinkedIn profile?

Posted by Rosemary Brkopac

Tue, Jan 14, 2014

A couple of days ago I filed a Notice of False profile with LinkedIn (operator of a professional networking site with 259 million members) because a fake member account had been set up involving one of my financial clients.  The perpetrator’s profile indicated that “she” was a company branch manager, and she was sending out LinkedIn invites to her “co-workers” at the financial institution.  The profile should have screamed “a fake” to experienced users of the site.  Some tell-tale signs were that the profile was bare bones, with only my client listed as an employer (along with the presence of the company logo), and the image of the individual on the page looked like a robot.   I received a quick response back from LinkedIn saying they HAD begun processing the complaint, but that it may take some time to process.  Last week the news was full of articles stating that LinkedIn had sued hackers over the creation of thousands of fake accounts.  The hackers’ objective was to tap into legitimate member profiles (which they did at apparently a rate of hundreds of thousands of profiles each day) where they could glean a plethora of personal information.  At this point the identity of the hackers is unknown, and subpoenas are being served on Amazon Web Services, the cloud platform used to create the fake accounts, in an attempt to unmask them. 

The scheme was explained in an article published by Bloomberg on January 7th which stated “hackers using automated software created thousands of fake member accounts and copied data from actual member profile pages.”  The article goes on to say “the practice, known as data “scraping,” violates LinkedIn’s user agreements and federal and state computer fraud laws, the company said in a complaint filed yesterday against the unknown hackers in federal court in San Francisco. It has also strained and disrupted the company’s network computers and threatens to degrade the value of LinkedIn Recruiter, a fee-based service used by Fortune 100 companies that’s one of the company’s fastest-growing offerings, according to the complaint”.

Read More

Topics: Brand Protection, hackers, brand abuse, brandjacking

The Olympics Brand Police - Has Brand Protection gone too far?

Posted by Adriana Tayraco

Fri, Jul 27, 2012

Now that the marketing for the 2012 London Olympics is in full force, it is a good time to talk about one important subject for brands: Trademark and Brand Protection. Many brands are trying to capitalize on the hype and popularity of the sporting event to sell their products and services. There’s only one problem, the Olympic Deliverance Committee has set up a task force – appropriately dubbed the ‘brand police’ – whose sole goal is to ensure nobody uses the Olympics’ brand or makes direct reference to it unless they have paid a large sum of money to do so.

Read More

Topics: trademark issues, Brand Protection, brand abuse, Social Media Monitoring, brandjacking

The 2012 Olympic Brandjacking Games

Posted by Omri Benhaim

Fri, Jul 20, 2012

Sports events are frequently used as social engineering lures for scams and the 2012 Olympic Games are no different. Over the past few months scammers have been rallying in an effort to steal as much money and information as possible from unsuspecting victims before the start of the 2012 Olympics.

Read More

Topics: scam, Reputation Management, Phishing, brandjacking

Shell’s “Let’s Go” Campaign Hoax Fools Many, Spreads Fast, Stains Their Reputation

Posted by Adriana Tayraco

Thu, Jul 19, 2012

Every company’s worst PR, social media and trademark nightmare seems to be a harsh reality for Shell right now. The brand has been the target of a complex yet brilliant attack on behalf of activist group Greenpeace and the Yes Lab, they created a fake campaign against Shell and it went viral. The hoax campaign included a genuinely looking website – www.arcticready.com - complete with Shell colors and logos, and in it they encouraged visitors to submit suggestions for their next campaign and promote drilling in the Arctic. At the same time, a video was being released of an apparent Shell gala event gone wrong; in it a model oil rig ‘malfunctions’ and sprays oil on shocked attendees while security personnel tries to block the person recording the scene.

Read More

Topics: trademark issues, brand abuse, Reputation Management, brandjacking

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

  Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all