Latest Political Cyber Fraud: Warren Endorses Sanders??!  No... It's Fake. (She Remains Neutral)

Posted by Greg Mancusi-Ungaro

Sat, Mar 05, 2016

2016 Elections Project Update:  On Monday, just before the Super Tuesday Democratic Primaries, this "NY Times" article made the rounds on social media:

It wasn't legitimate.  And it wasn't a parody.  It was a fraud, pure and simple. 

News of this fake article exploded on Monday, sending the NY Times and many other news organizations scrambling to disavow the article and have it removed from the web. Within a few hours, it was gone. But the damage may have already been done - the article was shared over 50K times, including 15K Facebook shares.  It was probably viewed by hundreds of thousands of people across all kinds of social channels.  Enough to swing an election? Possibly!   

Read More

Topics: scam, brand abuse, Reputation Management, Social Media Monitoring, cyber threats, impersonation, CISO, threatSMART, 2016 Elections

Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence.  Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

When You Can’t Trust Criminals on the Deep Web, Who Can You Trust?!

Posted by Jeff Daisley

Fri, Jul 31, 2015

During my morning news scan, I came across some interesting articles surrounding the recent Hell Tor deep web cybercrime forum.  And in particular, discussion about the associated text file that contained more than 23,000 records that “appeared” to be a user database populated exclusively by user accounts with dot-gov email from the Office of Personnel Management (OPM). After a close review of the file, experts stated that these records -- made available as a teaser and/or as “proof” that the hackers had compromised the agency --  were not from the OPM,  instead they were a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.

Read More

Topics: scam, hackers, cyber threats, OPM Breach, deep web, pastebin

What We Can Learn From Target's Post-hack Email

Posted by Omri Benhaim

Thu, Feb 06, 2014

In December I received a communication from a client asking if I could look into an email that their employees were receiving; claiming to be from the retailer Target regarding the recent financial security breach. Many of the employees were either not sure what to do about the email or claimed to have never shopped at any Target store and were not sure why they were receiving the email in the first place.

Read More

Topics: Malware, scam, Phishing, Emails

How to Take Down a Phishing Site: 5 Crucial Steps

Posted by Dylan Sachs

Mon, Dec 09, 2013

After telling people what we do here at BrandProtect, people often ask me “How do you ‘take down’ a phishing page?”  Well, today I’m going to tell you.  Phishing mitigation is a multi-step process that involves several steps.  First and foremost, you have to find them. 

Read More

Topics: Malware, scam, Phishing, Risk, copyright

Deflecting the Social Engineer: CSO Guidance from BrandProtect

Posted by Ben Bradley

Fri, Sep 20, 2013

The grifter, conman and the thief makes a great story and an even better film. But in today’s reality, what once was the debonair Paul Newman in the Sting, has become a social engineer.

Read More

Topics: Identity Theft, Brand Protection, Security, data breach, scam, risk management, Privacy Protect, defamatory

The 2012 Olympic Brandjacking Games

Posted by Omri Benhaim

Fri, Jul 20, 2012

Sports events are frequently used as social engineering lures for scams and the 2012 Olympic Games are no different. Over the past few months scammers have been rallying in an effort to steal as much money and information as possible from unsuspecting victims before the start of the 2012 Olympics.

Read More

Topics: scam, Reputation Management, Phishing, brandjacking

The Evolution of Malware (and how your brand is at risk)

Posted by Natasha Vadori

Fri, Jul 06, 2012

People often think that Malware only comes from visiting dangerous websites, when in fact that is not true at all. You don’t have to be downloading movies or software to become victim to these attacks. Very often a seemingly innocent ad on webpages or social media sites will prompt you to download an apparent legitimate program that you will need to view something in particular. The source the malware stems from is often legitimate, and the sites themselves are also victim.

Read More

Topics: Malware, Brand Protection, scam, brand abuse

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all