|
The year 2020 has created an increased impetus for change—especially as companies embrace digital transformation at an accelerated pace. Cybercriminals have also upped their game, switching their attention to hot targets such as healthcare and pharmaceutical brands.
Despite criminal focus changing, some of the underlying tactics aren’t new. Cybercriminals continue to exploit digital blind spots, especially with the digital assets that are managed by third-party providers. Vulnerable digital assets include domain names, domain name system (DNS), and secure sockets layer (SSL) digital certificates.
Here are 10 types of digital threats:
1. DNS hijacking – When a third party forwards a company’s web visitors to fake websites to steal login credentials and confidential data.
2. DNS cache poisoning – When cyber criminals re-route saved internet queries to malicious websites.
3. Expired digital certificates – When organizations that require a large volume of digital certificates are not able to replace them before expiration, leaving websites open to threats.
4. Expired or abandoned domain names – When lapsing the wrong domain names might mean the loss of business-critical services that enable you to operate. Corporate domain names carry a footprint of activity that can be leveraged as an attack vector.
5. Distributed denial of service (DDoS) attacks – When a high volume of internet traffic bombards a targeted server, service, or network to disrupt normal traffic.
6. Online counterfeiting – When fraudulent product listings and websites divert revenue away from genuine brands, and in some cases, are dangerous to the consumer (e.g., fake pharmaceutical products, food, and alcohol). Counterfeits are found in every industry from fashion to consumer electronics through food, pharmaceuticals, and consumer goods.
7. Domain infringements – When spoofed domains that are misspelled or use a combination of words (e.g., buy-brand.com) divert traffic from brand websites. Monetized click sites, copycat websites, and counterfeit sites are designed to defraud.
8. IP infringement – When an established brand’s name, logo, or other assets (content, social media, pay-per-click, etc.) are used to impersonate that brand for financial gain, or to add “legitimacy” to misinformation. This dilutes a brand, and damages reputation and profits.
9. Phishing – When innovative and costly scams are used to obtain data that can lead to corporate data breaches, credit card fraud, and identity theft. The potential for reputational damage, legal action, and data privacy fines are high.
10. Email fraud – When emails forge a company’s sender identity to phish for information and commit fraud.
To find out how CSC can help you prevent these threats from attacking your brand, contact us.
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byVerisign