ANTI-PHISHING: HOW TO TRACK FRAUDULENT DOMAIN NAMES

Recent socioeconomic crises took a big toll on businesses, and in their wake, fraudsters thrive. The pandemic, for example, fuelled a surge in ecommerce, and digital piracy spiked alongside it. Phishing attacks trick more businesses than ever, and these attacks demand new strategies to mitigate risks. Fortunately, the proactive steps we’ll discuss below help you anticipate threats and keep your business same from scammers.

According to a report from ScamAdvisor, online scams increased from 139 to 266 million due to COVID-19, representing a 91.37% increase between 2019 and 2020. The extent of this increase reveals the prevalence of phishing attacks targeting countries and companies across the globe.

TACKLING PHISHING AT THE SOURCE

To understand more about this trend, and how to tackle it, we must understand more about phishing itself. Phishing attacks internet users by enticing them to disclose personal and/or banking information by pretending to be a trusted third party. To initiate this deception, they often rely on domain names. Fraudulent domain names allow attackers to launch convincingly deceptive emails, so hackers often register before they launch a phishing scam.

Cybercriminals certainly didn’t hold back during the Covid crisis: reports show up to 1,000 domain names registrations containing the words “Covid” or “Corona” every day.

FOCUSING ON PRE-ATTACK SIGNALS

Some anti-phishing strategies limit risks on a user-by-user level. However, modern businesses require a comprehensive approach to maintain their entire infrastructure and protect their assets company-wide. 

EBRAND’s solution addresses this objective by providing security managers with two major functionalities to combat phishing on the Internet: X-RAY Radar and X-RAY Tracker. Both functions specifically focus on pre-attack signals, such as domain name creations and/or changes affecting them.

X-RAY Radar, an integrated service dedicated to monitoring domain name usage, SSL certificates, subdomains, logos, social networks, and the Dark Web, supports real-time identification and detection, around the clock. Detected threats include:

  • Any new domain name registration (or its expiration), the creation of subdomains, and the activation of new SSL certificates used by cybercriminals for their phishing operations.
  • Existing domain names and subdomains that are identical, contain, or resemble your company’s name, products, keywords, email addresses, or any other vital element related to its online activity (homoglyphs, homographs, typos, etc.).
  • The use of your logo across all websites available on the Internet through reverse image search.
  • Data leaks (e.g., email address usernames and passwords) circulating on the Dark Web.

X-RAY Tracker, on the other hand, monitors changes in various categories of data related to domain names. This includes new registrations in the DNS zone (e.g., email activation), information published in the WHOIS database (e.g., DNS server or registrant changes), and web page content.

When the X-RAY Radar detects a suspicious and unused registration, the X-RAY Tracker monitors the domain to identify any changes. From there, you can analyze the risks of phishing and malicious activity over time.

Additionally, the X-RAY Tracker monitors a company’s own domain portfolio to detect any unauthorized changes and keep these assets safe.

REPORTING AND BLOCKING PHISHING WEBSITES

Using the Blocklist functionality, companies report phishing domains with the click of a button. These reports head to EBRAND’s network of partners, including industry-leading authorities like APWG, Phishtank, OpenPhish, ScamAdvisor, and Google Safe Browsing. X-RAY also lets users block access to fraudulent websites from web browsers. In turn, additional actions such as legal grounds-based takedown requests support domain removal or recovery.

AUTOMATING YOUR SECURITY PROCESS

Once the EBRAND solution integrates with a company’s network via the dedicated API, it automates a security process for blacklisting all suspicious domain names detected by the hourly X-RAY Radar surveillance. 

This strategy delivers two main advantages:

  • It protects your colleagues by curbing fraudulent emails
  • It saves considerable time for the company’s CISO and IT manager, eliminating the need to analyze lengthy surveillance reports in order to act quickly

EXPERT ADVICE

When it comes to phishing attacks, every second counts. EBRAND’s X-RAY solution hunts down phishing pre-attack signals, letting users anticipate the risks and tackle them before they develop. Find out more about phishing attacks, and how X-RAY helps you prevent them, right here on our solutions page.

Want to turn insights into actions?

Reach out to the team, and get the conversation started

Uncover Digital Threats

Get a tailored audit of your digital landscape - fill out the form and connect with an expert today!

EBRAND

Client login

Welcome to the client login portal, where EBRAND users access their solution platforms. Select your solution below:

Not an EBRAND client yet? Sign up
Discover more on our Solutions pages