
In this blog we explore brand impersonation and how this growing cybercriminal tactic can lead to financial loss and diminished brand trust.
What is brand impersonation?
Brand impersonation, or brandjacking, is a tactic in which cybercriminals create fraudulent emails, websites, or social media accounts to pose as trusted brands or people. They use phishing or spoofing campaigns and typosquatting to trick company employees and consumers into believing communications and websites are legitimate, as a way to steal credentials, personal information, and even money.
A 2024 survey from the UK’s Department for Science, Innovation and Technology stated that over 70% of businesses and charities had experienced their brands being impersonated in emails or online. In the U.S., according to the Federal Trade Commission, there were over 330,000 reported cases of business impersonation scams in 2023. This is where proactive measures make a difference, and in this blog we will explain in more detail how brand impersonation can affect organizations and how brands can protect themselves from being victims of this type of attack.
How does brand impersonation work?
Brand impersonation scams can target and exploit established brands, government organizations, and company executives. But how are employees and consumers targeted and tricked into engaging with impersonated brands?
Typosquatting
A large part of brand impersonation involves cybercriminals creating fake websites that mimic a website from a trusted brand. Typically, the site’s domain name will be misspelt in a way that will go unnoticed by consumers.
Consumers and employees will use the site believing they are on the brand's real site and be tricked into buying counterfeit goods, entering their bank login information, or downloading fake software.
Phishing emails
Customers and employees can be tricked by receiving emails they believe are coming from a recognizable brand and trusted source, such as well-known retailers, financial institutions, or even their own colleagues.
Phishing emails will have a sender address that looks very similar to the legitimate brand's email domain, sometimes with small variations like a misspelled word or extra characters. The email may also convey a sense of urgency. For customers or consumers, this can look like flash deals or sales; for employees, it may be a cybercriminal impersonating a colleague and asking for login information to be provided quickly.
These emails will contain links that appear to lead to the legitimate company website, but will actually take the consumer or employee to a fake phishing website with the aim to steal login credentials or personal information.
Social media profiles and pages
Cybercriminals will create fake social media accounts and present them as the brand's official page. These fake social media pages will then run fake promotions selling counterfeit products, create fake competitions to steal customer information, or give out false information.
By mimicking a company’s logo, tone, and digital assets, attackers aim to trick consumers into believing they are interacting with the real brand, often leading to financial fraud, data breaches, or reputational damage.
Fake advertisements
Falsely presenting themselves as being a trusted brand, cybercriminals often use fraudulent advertising to sell counterfeit products or lure customers into scams.
Cybercriminals' skills have advanced to the point where they have even compromised Google Ads, bypassing the platform’s security checks.
Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it also erodes trust in brands and by association in Google Search itself.
How does brand impersonation affect organizations?
For organizations, the cost of brand impersonations can be huge. Not only can it result in large financial loss, but it can damage the reputation of the brand in the long term.
When it comes to financial loss, spoof websites divert sales from a brand’s legitimate website to the fake site, ultimately reducing the revenue of the brand. Financial loss can also come in the shape of the organization needing to spend time and money remediating the attack, including:
- Fees to remove spoof sites and typosquatting domains.
- Legal fees.
- An increase in cybersecurity insurance.
- PR and marketing campaigns to rebuild the brand’s reputation.
- Additional staff to cover customer service enquiries.
As well as financial losses, brand impersonation campaigns exploit customer trust and loyalty, damaging the brand’s credibility. Brand trust isn’t built overnight: it represents the organization, its products, and its services, and serves as a pillar of confidence for customers. This is why cybercriminals exploit brands for their illicit activity.
After engaging with fake websites or other impersonated digital channels, consumers may become less likely to trust the brand. Because of bad experiences, duped consumers can be left with negative feelings towards the real brand, even though the legitimate brand had nothing to do with the scam. And if the brand isn’t proactively monitoring for spoof sites, fake social media accounts, or typosquatting domains, it may not know about these scams until it hears from consumers.
Additionally, brand impersonation scams can also affect the trust of employees, especially when it comes to hiring new talent. 82 percent of job seekers consider reputation to be a critical factor in their decision to apply, and 50 percent of candidates wouldn’t work for a company with a bad reputation. If organizations are struggling to recruit because of their reputation, they may struggle to keep their operations moving forward and meet their goals.
These effects of brand impersonation show how essential it is that organizations protect their brand and stay ahead of cybercriminals.
How organizations can protect their brand
Brand impersonations are different from other cyberattacks. Not only do these attacks target a company’s systems, but they also take advantage of a brand’s trust and reputation. So, how can brands protect themselves?
Takedown services quickly disrupt and remove sites impersonating brands. These services automatically detect phishing sites across all major domains and swiftly take down malicious sites posing a threat to your brand, employees, and customers.
Phishing and takedown services, like those from Searchlight, automatically alert you to phishing sites impersonating your brand across 3,300+ top-level domains, including typosquatting and combosquatting, so you can protect your users from fake sites and spoofed emails that compromise sensitive information. Searchlight’s takedown service identifies combosquatting and typosquatting sites that pose a reputational threat to brands – work that would take security teams and analysts hours to complete.
Ultimately, this lets teams focus on defending against new threats without the added cost of involving legal teams or dealing with the administrative hassle of removing these sites from the internet.
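To make the typosquatting, lookalike sender address, and combosquatting patterns discussed in this blog concrete, the following Python example classifies observed hostnames and email sender addresses against a protected brand name. It is an added example, not Searchlight's code or part of the original post; the brand, domains, category names, and distance threshold are assumptions chosen for illustration.

```python
BRAND = "examplebrand"            # protected name (constructed)
OFFICIAL = {"examplebrand.com"}   # domains the brand really owns (constructed)

def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute,
    or swap two adjacent characters, each counted as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)   # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(name, max_typo_distance=2):
    """Classify a hostname or email sender address against BRAND."""
    host = name.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if host in OFFICIAL or any(host.endswith("." + d) for d in OFFICIAL):
        return "official"
    labels = host.split(".")
    if len(labels) < 2:
        return "unrelated"
    # Simplification: the label left of the final TLD is treated as the
    # registered name. Multi-part suffixes (co.uk) need the Public Suffix List.
    label = labels[-2]
    if label == BRAND:
        return "tld-variant"      # same name under a TLD the brand does not own
    if BRAND in label:
        return "combosquat"       # brand plus extra words
    if edit_distance(label, BRAND) <= max_typo_distance:
        return "typosquat"        # misspelling or swapped/substituted characters
    return "unrelated"

# Constructed sample of observed web hosts and sender addresses.
OBSERVED = ["www.examplebrand.com", "support@examplebrand.com",
            "billing@exampelbrand.com", "examp1ebrand.net",
            "examplebrand-login.com", "secure-examplebrand.org",
            "examplebrand.shop", "gardenplanner.com"]

def triage(names):
    """Return only the names that need analyst review, with their category."""
    flagged = {}
    for n in names:
        category = classify(n)
        if category not in ("official", "unrelated"):
            flagged[n] = category
    return flagged

if __name__ == "__main__":
    for name, category in triage(OBSERVED).items():
        print(f"{category:12} {name}")
```

A fixed distance threshold produces false positives for short brand names, so it should be lowered as the name gets shorter.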
Protect your brand
Brand impersonation is a critical problem that can severely affect a brand. Investing in proper cybersecurity monitoring can significantly reduce the impact of brand impersonation. As brand impersonation continues to grow as a tactic for cybercriminals, especially with the introduction of AI, it’s important organizations stay ahead of the threat to safeguard their brand.