Fraud Management

FRAUD MANAGEMENT. The illegal brand use on Internet is an increasing problem that cannot be ignored. Organizations –regardless of industry sector and size- find it difficult to ensure to themselves the exclusive right to use their name. Online brand abuses and attacks are of many different types and sizes and the same happens with counterfeit and domain name property online market. The abuse methods are different, but the aim is always the same: the fraudulent appropriation of the company identity. With the Fraud Management service it is possible to promptly fight the brand illegal use on the whole Web. Through the combination of web monitoring and domain registrations associated to the analysis carried out by the Communication Valley SOC security team, the service carries out a brand protection program the characteristics of which allow for a rapid identification and claim to the lawbreakers of the right to use the brand, ensuring a constant and prompt response. Many different methods can be used to carry out online frauds linked to the company image use. Some are described below, with the indication of what could be done to fight the abuse.

  • Improper brand use. The identification and elimination of online counterfeits and sales on the grey market is one of the objectives of the suite of solutions for company identity protection offered by Communication Valley. Damages to brand and image caused by unauthorized product sales (ex. online bids), counterfeits and distractions provoked by the grey market in strongly competitive sectors can be avoided thanks to solutions that increase the visibility on illegal online activities, by simplifying and speeding up abuse identification procedures.
  • Phishing. This is an online fraud technique which uses different methods to mislead the user and convince him to give personal and sensitive information (user name, password, credit card number and so on). The most frequent attacks are carried out through false e-mail messages and suggestions of deceptive links to cheat sites. The attackers are most of the time criminal organizations that expect a very high number of users to be caught in the trap so that they can have the desired information.
  • Pharming. It is a technique used to support phishing to convince the user of the legality of cheat sites. The attack is on the DNS (Domain Name Server) which is jeopardized by changing the IP addresses associated to company sites. In this case the user cannot be aware of what is happening when he keys in the correct address to connect to the desired site and is diverted to a false site used to steal the user’s credentials.
  • Use of expired domains. A brand abuse attempt , as well as phishing and pharming attacks, is often carried out by using a domain name containing the company brand or a variation of it. For this reason, the creation of domains which can be exploited in that way must be always monitored.

The Fraud Management service of Communication Valley is based on a technological infrastructure dedicated to:

  • Continuous monitoring -H24x365dd- of a wide range of data to find clues for phishing actions, data obtained from distributed honeypots, email, newsgroups, spam, referrers and registration areas;
  • Collection of information concerning the registration of new domains and/or the monitoring of existing domain status with the aim of preventing the use of registered (or expired) domains or domains similar to the brand to be protected from ill-intentioned users;
  • Collection and analysis of the actions of spiders launched on the web to search for new Internet pages that use some specific brands in order to identify their illegal (or legal) uses;
  • Constant monitoring of any change to authority DNSs for specific Internet domains in order to promptly identify any pharming activity.
  • Constant watching of networks and providers of malicious sites (watch-list);
  • Management of the activities towards providers, organizations and bodies (ex. CERT) to obtain the closing of clone sites. In particular, for financial institutions, Communication Valley has created the Transaction Monitoring module, a tool used to clearly monitor online activities (both for login and post-login) and to identify high risk actions by signaling the adequate countermeasures to the customer. With reference to Home Banking, different transaction typologies are supported: session logging, money transfer, profile change, operations on securities, card recharges and checks on specific bank web applications.

Why us?

Anti-phishing activities are performer using a series of specialized proprietary tools and offering support, 24/7, by specialists working in our SOC (Security Operations Center).