When a brand becomes well known it can be exploited by cybercriminals – they can hide behind the brand name in order to promote some dubious quality goods and services, or they can prey on the brand’s clients, partners, or employees.
The latter – including the information security department – often don’t know of the existence of malicious brand clones until their actions lead to a stream of emails to customer support or a scandal on social networks.
Such incidents negatively affect the brand’s reputation. Three types of Internet-doppelgangers are the most common.
Fake apps in stores
Today almost every business has its own app for convenient customer access to online services – sometimes more than one. When a user searches for an app in an online store they get more than one result.
While most users will download the most popular option (which usually is the authentic one), it’s likely that some will fall for the scammers’ trick and install a fake app – especially if they receive a direct link to it. Such a malicious app can hide anything from a banking Trojan to a remote access tool to the user’s mobile device.
Kaspersky experts recently found several modified versions of popular instant-messenger apps on Google Play containing spyware code.
Fake social media accounts
Social media accounts posing as relating to a certain brand can be used by criminals in a variety of different schemes.
They are often used to spread false information – to promote some semi-legal (online casinos) or outright fraudulent activities (giveaways for all kinds of prizes, tickets, or bitcoins) supposedly affiliated with a certain corporate brand.
However, a fake account can also distribute malicious or phishing links, or serve as a platform for more sophisticated social engineering attacks.
Phishing sites
If a company’s website has a member area for clients, partners, or employees the personal credentials to these accounts are of interest to attackers. At some point attackers will try to imitate such a website in order to harvest logins and passwords – at least in order to resell this information to other cybercriminals.
How to protect a company’s reputation from copycats
In the vast majority of cases, the illegal schemes involving imitation of a website, an app, or a social media account are targeted at someone else (individuals or business users). However, it’s the reputation of the brand that is being maliciously imitated that suffers. Therefore, such brand twins should be identified and eliminated before they cause significant damage.
Kaspersky Digital Footprint Intelligence, for example, is designed to enable customers to monitor their digital footprint and identify potential risks and vulnerabilities associated with it.