Digital brand and social media abuse have become a huge problem in today’s world. Threat actors use a combination of technology and social engineering to manipulate people and organisations. This can impact organizations through risks like financial loss, reputational damage, Legal risk.
These threat actors exploit their target using:
- Fake emails (Phishing)– This is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
- Fake SMS (Smishing)– This is a phishing cybersecurity attack carried out over mobile text messaging, also known as SMS phishing. As a variant of phishing, victims are deceived into giving sensitive information to a disguised attacker. SMS phishing can be assisted by malware or fraud websites. For example, receiving a text from your bank asking you to change your accountant PIN Code.
- Brand impersonation– This is an attack that impersonates a trusted company or a brand to trick victims into responding and disclosing personal or otherwise sensitive information.
- Hijacked DNS (pharming)– This is a fraudulent practice of directing internet users to a bogus website that mimics the appearance of a legitimate one, in order to obtain personal information such as passwords, account numbers, etc.
- Fake job advertising– A fake job posting is a (rarely) smartly designed type of scam aimed at job seekers for a variety of unprofessional reasons. Still, these scams can look legit to an unsuspicious person scrolling through the vast pool of jobs. For example, earlier this year on March 23rd a Named Zambian Institute had refuted the advertisement of a vacancy that was circulating on social media platforms as fake. The Public Relations Manager had said members of the public should be alert of a scam by unknown persons circulating fake employment advertisements on various online platforms purporting to be from the Institute when in factit was not, they said there where dismayed by an advertisement for a Stores Assistant making rounds on some social media platforms posted on 23rd March 2021, The PR manager said that the advert was fabricated and did not originate them.
Attackers attempt to create a scenario that focuses and preys on the end user’s human emotions. They focus on eliciting a response based on urgency, fear or curiosity and they use this to convince the victim to disclose sensitive information. Most people have become accustomed to digital services, we’re all used to paying bills over the internet ad despite all of this, not everyone is aware of how to identify risks and these threats target the most vulnerable of users.
The criminals and threat actors target brands with a strong brand presence that are most likely to yield them a good return.
Brand Intelligence solution arms you with actionable, up-to-the-minute analytical insights to proactively defend against new and emerging threats to your brand, products, employees, executives, and customers. Through various vendors help is given to spot and avoid scams using the following techniques:
- Anti-phishing techniques
- Anti-vishing techniques
- Anti-pharming techniques
- Takedown of fake domains
- Takedown of fake profiles on social media
Avoid falling prey to phishing, pharming scams etc. by investing in an excellent cybersecurity system and solutions to protect your organization. As both tactics get more complex, threats become more dangerous. The only way to combat this misuse of technology is through even more advanced and high-tech means.
About the Author
Muchimba Simuyuni – Digital Marketing Specialist
Email: email@example.com | Mobile: +26097618113
Number 11 Reedbuck road, Kabulonga, Lusaka, Zambia