Online Brand Impersonation Attacks Weaken Online Marketing Channels
Cyber Risks & Threats | March 24, 2022
This is a guest post from Allure Security, a leader in online brand protection-as-a-service.
Marketers must evaluate the cost-effectiveness of everything they do to ensure they’re investing resources wisely. Unfortunately, a number of hazards on the internet make this more difficult. Click fraud reduces the ROI of campaign budgets, and bots distort website metrics, making it harder to make good data-based decisions to improve conversions. Fake websites, deceptive social media profiles, and rogue websites also threaten businesses’ investments in their brand and online marketing channels.
Allure Security, a leader in online brand protection, has recently seen an increase in fraudsters carrying-out brand impersonation attacks by buying online ads (e.g., PPC, social media, mobile) that direct people to scam websites. Scammers know the value of a trusted brand and exploit that trust to take advantage of consumers. Not only does this fraud damage the brand and harm potential and existing customers, but it also reduces the efficiency and effectiveness of online marketing channels such as PPC ads, social media ads, and mobile ads.
Marketers want to reach authentic human customers through their online marketing channels without scammers getting in the way and misdirecting their audience to scam websites via phony ads.
Fake Shops & Online Shopping Fraud Are a Booming Business
Online shopping fraud costs grew 56% in 2021 according to the Federal Trade Commission, and the FBI estimates the sale of counterfeit goods costs the U.S. economy $600 billion annually.
A fake shop – or fake shopping website – looks and behaves a lot like a real shop. Scammers use freely available website copier tools such as HTTrack to create near-perfect digital clones of legitimate shops folks frequent every day. The fake e-commerce website is emblazoned with a brand visitors know and trust. The cloned site will include product listings, shopping carts, account sign-up or login, and will happily accept payment.
Increasingly, online advertisements (e.g., social media, PPC, and mobile) most effectively lure visitors to a fake e-commerce website, but additional methods include:
- Online advertisements (social media, PPC, and mobile)
- Search engine results
- QR codes
- SMS / text messaging
While the invite vector varies, the destination usually does tend to be the same – a scam website impersonating a trusted brand.
How Fake Sites Can Affect Digital Marketing
Today, the Anti-Phishing Workgroup reports that almost half a million new fake sites are added to the internet each month. In addition, a study by Avast Antivirus found that 61 percent of Americans failed to identify a fraudulent website. Fake websites are pervasive and not easy for many consumers to spot.
Depending on the scam, a fake website may sell counterfeit goods to the victim, process a payment for goods that are never shipped, or simply steal payment details for use elsewhere. This affects businesses and marketing departments specifically in multiple ways:
- Stolen sales/lost revenue
- Erosion of trust in the brand / victim hesitance in engaging with the brand online in the future
- Erosion of perception of quality (driven by counterfeit goods)
- Customer dissatisfaction
- Customer experience impacts related to overwhelmed call centers
- Customer churn
Lack of Visibility & Control of Fake Sites
Some businesses think to themselves, “Fake websites don’t run on my network, I can’t possibly scan the whole internet for fakes, and I can’t hover over my customers to stop them from clicking on unsavory links.”
That’s correct. Fake websites and their victims operate outside of your network infrastructure. And while it’s best practice to educate your customers on what to look out for with regard to impersonations of your brand, scammers constantly innovate to stay one step ahead of education initiatives. For example, fraudsters have evolved far beyond simple typosquatting. This is a difficult problem to solve, but it’s not a hopeless situation.
Stopping Today’s Online Brand Impersonations
Tens-of-thousands of fake websites are created every week, but only about 25 percent of them use typosquatting. Finding today’s sophisticated brand impersonation scams require AI-powered detection that goes beyond finding misspelled brand names to analyze the imagery and language used on a suspicious site for impersonations, regardless of its URL. In addition, no human can possibly examine tens-of-millions of web pages that update daily. An automated engine that examines every new website added to the internet, such as Allure Security’s, can.
Businesses, and marketers specifically, need go-to-market security solutions from CHEQ to ensure they don’t waste resources on fake visitors or make bad decisions based on invalid traffic. On the flip side, businesses also need to take action to prevent today’s online brand impersonations. Responsibilities for brand protection and IP infringement typically fall into the purview of cybersecurity and legal teams, but brand impersonations also interfere with marketers’ ability to make efficient use of online channels to connect with legitimate prospects and customers. Learn more about how Allure Security can help your business find and eliminate fake websites.
Josh Shaul is CEO at Allure Security and shapes and executes the company’s vision. Allure Security detects and disrupts more fake websites, deceptive social media profiles, and rogue mobile apps faster by virtue of its patented AI detection engine and multi-pronged response to online brand abuse. Josh has more than 20 years of information security experience, including leadership roles at Akamai, Singtel/Trustwave, and SafeNet.