Brand Misuse
Brand misuse is the unauthorized or improper use of a company's name, logo, or other intellectual property by a third party. This malicious activity aims to deceive or mislead consumers, damage the brand's reputation, or gain a financial advantage. It goes beyond simple trademark infringement, often encompassing a wider range of deceptive tactics on the internet.
Examples include:
Typosquatting: Registering domain names that are common misspellings of a legitimate brand's website.
Domain Squatting: Registering a brand's domain name with the intent to sell it to the rightful owner for a profit.
Social Media Impersonation: Creating fake social media profiles or pages that look like a brand's official presence to spread misinformation or scam followers.
Counterfeit Products: Manufacturing and selling knock-off products that use a brand's logo or name to appear legitimate.
Phishing Attacks: Creating fake websites or emails that mimic a brand's official communications to steal personal information.
Brand misuse can lead to significant financial losses, legal challenges, and a decline in consumer trust. It is a key concern for companies in today's digital landscape, where an organization's online presence is vital to its business.
ThreatNG is a solution that helps an organization defend against Brand and Phishing threats through its various capabilities.
External Discovery and Assessment
ThreatNG's external discovery capability performs unauthenticated discovery to identify all publicly exposed digital assets, such as domains, subdomains, and web applications. This process is foundational for brand and phishing defense. ThreatNG's external assessment capability then performs a range of assessments to evaluate an organization's susceptibility to attacks.
BEC & Phishing Susceptibility is derived from Domain Intelligence (Domain Name Permutations and Email Intelligence), Sentiment and Financials Findings, and Dark Web Presence. For example, by analyzing domain permutations with terms like "login" and "verify," ThreatNG can identify a fraudulent domain (yourcompany-login.com) that could be used in a phishing campaign to steal credentials.
Brand Damage Susceptibility is derived from external attack surface and digital risk intelligence, ESG Violations, and Sentiment and Financials (including lawsuits and negative news). By identifying domains that use derogatory terms like "sucks" or "awful," ThreatNG can help an organization mitigate potential reputational harm before it occurs.
Mobile App Exposure evaluates an organization's mobile apps discovered in marketplaces for the presence of sensitive data, such as access credentials and security credentials.
Continuous Monitoring and Reporting
ThreatNG offers continuous monitoring of external attack surface, digital risk, and security ratings for all organizations. This allows an organization to continuously track its security posture and detect emerging brand and phishing-related risks. The Reporting capability provides various reports, including Executive, Technical, and Prioritized reports, which offer actionable intelligence to help organizations prioritize security efforts and effectively allocate resources.
ThreatNG's investigation modules enable detailed analysis to uncover brand and phishing threats.
Domain Intelligence uncovers potential threats through its features. The Domain Name Permutations capability detects manipulations of a domain to find brand impersonation and phishing attempts. For example, it can identify a typosquatted domain like microsoft-support.com, which looks similar to the official domain and is used in a phishing scam.
Email Intelligence provides email security presence and format predictions, which help identify fraudulent email addresses.
Sensitive Code Exposure discovers public code repositories and investigates their contents for sensitive data like API keys and credentials. This helps find exposed data that attackers in phishing or brand attacks could use.
Dark Web Presence identifies organizational mentions of related people, places, or things, and associated compromised credentials.
ThreatNG's continuously updated intelligence repositories, known as DarCache, provide critical context for assessments.
DarCache Rupture contains compromised credentials, which are vital for identifying potential sources of phishing attacks and understanding an organization's risk.
DarCache ESG tracks ESG violations, which are used to help derive the Brand Damage Susceptibility score.
Complementary Solutions
ThreatNG can work with complementary solutions to enhance an organization's security posture.
SOAR (Security Orchestration, Automation, and Response) Platforms: ThreatNG can provide intelligence on fraudulent domains, brand mentions, and compromised credentials to a SOAR platform. This platform can then automatically trigger actions such as blocking malicious URLs on a firewall, sending automated takedown requests for fraudulent domains, or creating incident tickets. For example, ThreatNG identifies a brand-abusive domain like brand-sucks.com and a SOAR platform automatically initiates a legal takedown process.
TIP (Threat Intelligence Platform) Solutions: ThreatNG can feed its unique intelligence on brand and phishing threats into a TIP solution. This enables the organization to correlate ThreatNG's findings with other threat feeds for a more comprehensive view of the threat landscape. For instance, a TIP could combine ThreatNG's discovery of a fraudulent domain with a threat feed indicating it is associated with a known attack group, providing richer context for an investigation.
Email Security Gateways: ThreatNG can help an organization bolster its email security by providing a list of fraudulent domains and email addresses identified through its investigation modules. The email security gateway can then block or quarantine emails originating from these malicious sources. For example, if ThreatNG identifies a domain like support-company.net as a fraudulent domain with a mail record, the email security gateway can be configured to block all mail from that domain.
