Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers.
Research shows a new phishing site is created every 11 seconds in 2023. Typically, even though the company is a victim of spoofing, the customer holds them responsible for the data breach.
Current market solutions rely on threat intelligence tools that search for fake sites and attempt takedowns. However, takedown processes can be time-consuming, leaving fake sites active and the scope of attacks remains unknown during the critical window of exposure, the time between when the fake site is up and until it is down.
Even though organizations spend millions on threat intelligence solutions to protect their domains and reputations, they only have visibility to the suspicious domains that are discovered but have no visibility at all to how many users were attacked, who fell for the scam and what is the potential damage. Without customers complaining, companies are left in the dark. During that time of exposure to a still active spoofed site, the company and its customers are vulnerable (even if the impersonating site is detected). Now, there’s a new approach available to the market addressing this challenge.
Memcyco, a Tel Aviv-based Real-Time Website Spoofing Protection Solution, redefines protection against website impersonation. The solution safeguards customers and organizations from the moment the attack’s window of exposure opens, irrespective of its duration. This article will delve into Memcyco’s Proof of Source Authenticity (PoSA™) solution, offering an in-depth breakdown of its capabilities.
To protect websites from spoofing, Memcyco’s solution is easily installed within minutes on the authentic site or its network. Various attack scenarios were tested to evaluate its effectiveness. Let’s get into the findings of their process next.
In order to simulate impersonation attacks on customers we created clones of the protected site using several available “spoof kits”.
We then navigated to the cloned site as if clicking on the fake site URL – the way an innocent customer would do if they got the fake site URL in an email or text message which they trust to be from the real organization.
Immediately upon attempting to load the URL the following message appears:
Simultaneously, the Memcyco console provides Security Operations teams with detailed attack information.
Memcyco’s PoSA™ raises alerts over other significant events that may lead up to an attack – such as attempts to build an impersonating website. Such reconnaissance efforts by the bad actor raise the following alert:
Memcyco enhances user trust without requiring customers to rely on security checklists in order to determine if the site they are on is fake or real. Memcyco’s product verifies site authenticity by displaying a unique-to-the-user digital watermark to prove the site’s authenticity to customers.
Organizations invest a lot in educating their customers to be on the vigil for scams of this type, essentially trying to turn them into cyber-savvy users who can spot a fake email and site and avoid scams. Memcyco offers a simple solution to this “fake or real” conundrum that doesn’t depend on the user’s ability and willingness to exercise a security checklist every time they access the brand site.
To do so Memcyco can display a digital watermark to prove the site’s authenticity to customersUsers are provided a unique secret presented within the watermark and they can personalize this secret for easy recognition. The PoSA™ watermark secret is unforgetable and unique to each user. Imposter sites cannot replicate it, ensuring users only see their own code on the authentic site. The watermark secret can be personalized by customers to something they can easily recall – either a text code or an image.
.
Memcyco’s PoSA™ solution includes back-end dashboard and reporting tools for real-time brand impersonation monitoring and post mortem attack analysis. A global view of attack locations and counters help businesses stay informed and provides full visibility of the attack’s magnitude and its details.
PoSA™ integrates with SIEMs for workflows like URL takedown and account takeover prevention. Memcyco alerts kick-start these processes.
Memcyco’s solution goes beyond takedown approaches, actively protecting its customers and their customers during the critical window of exposure. It is an agentless solution that promises to reduce brand reputation damage and protect consumers from scams. With its features and real-time capabilities, Memcyco is a refreshing change when it comes to phishing, website spoofing and ATO (Account Take Over). It redefines website spoofing protection with maximum attack visibility and protection for companies and their customers.
