By: Werno Gevers, cybersecurity expert at Mimecast
With the UAE in the middle of its annual peak shopping season - the Dubai Summer Surprises - online retailers and their customers need to remain on high alert for cyberattacks.
Data from Mimecast indicates that top retail, fashion and lifestyle brands are being impersonated in cyberattacks designed to trick unsuspecting shoppers looking to get a great deal or buy that must-have item.
The Dubai Summer Surprises offers sales, special offers and prize draws across the city from July to early September. After what has been an immensely challenging 18 months, consumers are understandably excited to engage in some retail therapy and relieve some of the pressure caused by the pandemic.
However, cybercriminals lie in wait. As marketers at top retail and fashion brands aim to promote specials by sending the right message to reach the right customers at the right time, so do cybercriminals.
Except when it comes to crooks, the objective is not to offer great deals, but to steal credentials, infect devices with malware and subvert the trust customers have in their favourite brands for their own monetary gain.
Based on Mimecast threat intelligence, global brand impersonation emails directed at Mimecast customers rose by 44% in 2020 to reach an average of nearly 27 million emails per month. Since this only accounts for Mimecast customers, the actual scale of the problem is likely far worse.
The more popular the brand, the more likely it will be co-opted into cybercriminals' nefarious plans. Mimecast’s State of Brand Protection report highlights how companies on the BrandZ Top 100 Most Valuable Global Brands 2020 index experienced a massive 381% increase in brand impersonation attacks during the two months of May and June 2020 compared to January-February, before the pandemic struck.
During the same period, the number of new domains suspected of brand impersonation spiked by 366%.
The result? Customers are increasingly being duped, with monthly clicks on dangerous links by unsuspecting shoppers soaring by 84.5% over the course of the year.
In the UAE, 36% of respondents to the Mimecast State of Email Security 2021 Report saw an increase in brand impersonation via counterfeit websites, and two in five saw a rise in malicious email spoofing.
Brands are becoming increasingly concerned over the damage such attacks can do to their reputation and relationship with customers. Ninety-five percent said they would be concerned if a counterfeit website misappropriated their company's brand, up from 74% in 2020.
These concerns are not without merit. Frost & Sullivan research shows that nearly half (48%) of respondents to its survey stopped using an online service when it had suffered a data breach.
Mimecast’s Brand Exploit Protect web-scanning tool uncovered how various retailers on Kantar’s top 100 brands list - such as Amazon, Zara, Chanel, and Adidas - have all been recent victims of brand impersonation.
Meanwhile, a web scan, conducted in the past six months, of five of the top online retailers in the Middle East and North Africa picked up over 18 000 domains with a similar name to these brands. Over 5 000 of these were created within the last six months, which is often a pretty good indication that something might not be right.
The popularity of these brands, especially during this peak shopping season, means consumers are often left vulnerable as they rush to get that one great deal or special offer.
For these and other brands looking to regain lost revenue following the global economic slowdown of the past year-and-a-half, such attacks could not come at a worse time.
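The scan heuristic described above (domains with a name similar to a brand, registered within the last six months) can be sketched as a small triage script. This is an added example, not Mimecast's tooling or code from the original article; the brand names, allowlist, scan rows and the edit-distance threshold of 2 are constructed assumptions.

```python
from datetime import date, timedelta

# Constructed sample data (hypothetical brands, allowlist and scan rows).
BRANDS = ["examplemart", "shopdunes"]
LEGITIMATE = {"examplemart.example", "shopdunes.example"}
SCAN_DATE = date(2021, 8, 1)
SCAN = [  # (registrable domain, registration date)
    ("examplemart.example", date(2012, 3, 1)),
    ("examp1emart.example", date(2021, 6, 20)),
    ("examplemart-deals.example", date(2021, 5, 2)),
    ("shopdune.example", date(2017, 9, 9)),
    ("gardening-tips.example", date(2021, 7, 1)),
]
SWAPS = str.maketrans("013", "ole")  # common digit-for-letter substitutions

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def matched_brand(domain, max_distance=2):
    """Return the brand whose name the leftmost label resembles, or None."""
    label = domain.lower().split(".")[0].translate(SWAPS)
    for brand in BRANDS:
        if brand in label or edit_distance(label, brand) <= max_distance:
            return brand
    return None

def triage(scan, today, window_days=183):
    """Return (domain, brand, is_recent) for lookalikes, recent ones first."""
    cutoff = today - timedelta(days=window_days)  # roughly six months back
    hits = []
    for domain, created in scan:
        if domain in LEGITIMATE:  # the brand's own domains are not lookalikes
            continue
        brand = matched_brand(domain)
        if brand:
            hits.append((domain, brand, created >= cutoff))
    return sorted(hits, key=lambda hit: not hit[2])

if __name__ == "__main__":
    for hit in triage(SCAN, SCAN_DATE):
        print(hit)
```

Matches are leads for analyst review rather than verdicts: an older lookalike such as the last flagged row can still be abusive, and a recent one can belong to a legitimate reseller.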
To protect customers against cybercriminals and fraudsters, brands need to deploy new tools and implement additional policies to maintain the integrity of their brands online.
Marketers and security teams should work in close partnership: marketing teams can help security teams distinguish legitimate uses of their brand from bad actors, and security teams can help marketers gain greater visibility over the extent to which their brand is being exploited.
Security teams need to act quickly to take down spoofed domains. Brand protection services are invaluable here: tools such as DMARC help identify outgoing emails impersonating legitimate domains, while brand exploit protection tools can block brand attacks before they launch, and stop live attacks in their tracks.
Brands also need to drive awareness of cyber threats among customers, equipping them with the knowledge to identify potentially fake or malicious brand impersonation attempts.
Finally, by integrating brand exploit protection services with email and web security solutions, organisations can strengthen their overall cyber resilience and be far better equipped to halt impersonation and other forms of attack before they affect customers, partners or employees.