Spoofing protection: where IT meets PR

Category: News
Published: 14th June 2024

< Back to Media

IT and PR are two business areas that are not often linked together, especially in larger organisations. Unfortunately, suffering a cyberattack is one way that these two teams are often brought together. One of the longest lasting aftereffects of a successful cyberattack is brand damage, and so it is vital that these teams work together to reassure their clients and investors.

 

In the past, clients have been forgiving when brands suffer cyberattacks as there was a consensus that it was unintentional and could not have been avoided. This consensus has now shifted. As the proliferation of cyberattacks and the subsequent reporting of them has increased, consumers have become more aware of companies that have been compromised. As individuals are becoming more informed of cyber security through the media, legislation and best practices in their work and home lives, they are rightly becoming less forgiving when companies fail to adequately protect their data. This shift in expectations requires businesses to adopt robust security practices to protect their brand as well as their data.

 

Losing the label

Known breaches such as the British Airways 2018 attack are often referenced as what not to do. This can be a hard label to shake off. It has been 6 years since the data breach and yet, the record breaking ICO fine, and the two months it took for them to recognise the breach, mean it remains a prominent reminder for others.

When clients become aware of breaches, they’ll often switch providers where they can. As was found when the co-founder of an Australian hedge fund opened a phishing email that contained what appeared to be a legitimate zoom link. Clicking on the link allowed malware to access his emails, giving the attacker a complete education on the company operations. The hackers then started requesting funds from different accounts and approving them themselves via the hacked email account. This resulted in a loss of $1.2 million of funds. Following the breach, one of their biggest clients pulled their funds and the hedge fund subsequently had to close.

 

Emerging threats to your brand

More recently a new type of hack dubbed ‘SubdoMailing’ has been used to imitate existing domains of reputable brands to send emails and copy websites that look just like the real thing.

It is thought that more than 8,000 legitimate domains, and 13,000 subdomains are being used in the campaign to send millions of phishing emails a day to unsuspecting customers. As the malicious actors are using expired domains the emails appear to have come from a trusted brand source, creating a complete lack of trust in a brands legitimacy.

 

Steps to protect your brand

The argument of it not being your fault as a brand, when cyberattacks are so commonplace, is no longer good enough.

Every organisation should be taking the steps below to help protect their brand:

  1. Spoofing protection services:

Spoofing protection ensures your brand is protected via a secure domain. This is achieved by maintaining the security of your website certificates and ensuring that you have a strong email authentication system in place. This generates an automatic response to suspected fraudulent domains and quick remediation. A spoofing protection service will scan the internet continually so that any new lookalike domains are flagged right away, and you can get them taken down before any harm is done to your customers, supply chain and, of course, your brand.

  1. Email protection against business email compromise:

Email protection secures employee internal communication and reduces the risk of data leaks, stolen financial or personal information, and it secures your whole supply chain. With 3.4 billion phishing emails sent daily, setting up email protection tools and setting DMARC to p=reject is essential.

  1. Security Awareness Testing and Training

Most breeches occur due to human error, proving that it is an important aspect of security that cannot be ignored. Continuous Security Awareness Testing and Training helps employees recognise and respond to cyber threats, strengthening your human firewall. By making sure employees can identify threats, red flags, and are aware of the potential malicious actors, companies can foster a much-needed level of security.

  1. Implement XDR or MDR for IT infrastructure visibility

Cybersecurity threats are evolving faster than ever, with sophisticated attackers exploiting even the slightest vulnerabilities. In this ever-evolving landscape, relying solely on traditional, siloed security measures simply isn’t enough. MDR and XDR allow you to have complete visibility of your network, so unlike British Airways or the Australian hedge fund you will not have malicious actors in your network for months, because your SOC team, whether they are internal or external, will be alerted to them immediately.

 

Clients and supply chains are unlikely to forgive security breaches, most of which are avoidable. But by taking proactive measures, you can protect your brand and allow your PR team to focus on positive messaging rather than damage control.