As soon as your company becomes more or less famous, more often than not someone starts exploiting your success for their own purposes. At best, they simply hide behind your name in order to promote some dubious quality goods and services. At worst, they prey on your clients, partners, or even employees. The latter \u2013 including the information security department \u2013 often don\u2019t even suspect the existence of malicious doppelgangers until their actions begin to cause a flurry of letters to your customer support, or a scandal on social networks. In any case such incidents negatively affect your company\u2019s reputation. Three types of internet-doppelgangers are the most common.<\/p>\n
These days, almost every serious business has its own app for convenient customer access to online services \u2013 sometimes more than one. Therefore, it\u2019s no surprise that when you search for this or that app in an online store you get more than one result. Sure, most users will download the most popular option, but most likely some will fall for the scammers\u2019 trick and install a fake one \u2013 especially if they receive a direct link to it. Inside, anything can be lurking \u2013 from a banking Trojan to tools for remote access to your device. Quite recently, our experts found<\/a> several modified versions of popular instant-messenger apps on Google Play containing spyware code.<\/p>\n Social media accounts purporting to relate to your company can be used by criminals in a variety of different schemes. They are often used to spread false information \u2013 to promote some semi-legal (online casinos) or outright fraudulent activities (giveaways for all kinds of prizes, tickets<\/a> or bitcoins) supposedly affiliated with your brand. However, a fake account can also distribute malicious or phishing links, or serve as a platform for more sophisticated social engineering attacks.<\/p>\n If your website has a member area for clients, partners or employees, then you can rest assured that the personal credentials for their accounts are of interest to attackers. Therefore, you should not be surprised if at some point attackers will try to imitate your site in order to harvest logins and passwords \u2013 at least in order to resell this information to other cybercriminals.<\/p>\n In the vast majority of cases, the target of various illegal schemes involving imitation of your website, app, or a social media account is targeted at someone else (whether individuals or other companies). However, it\u2019s your reputation that suffers. Therefore, such doppelgangers should be identified and eliminated before they can cause significant damage. To share our expertise on this matter and help you to timely detect them we\u2019ve updated our Digital Footprint Intelligence service.<\/p>\n The Kaspersky Digital Footprint Intelligence service is designed to enable customers to monitor their digital footprint and identify potential risks and vulnerabilities associated with it. Some time ago, its functionality was supplemented with monitoring for phishing sites that use brand names or were registered using typosquatting and combosquatting, as well as with a domain takedown service.<\/p>\nFake social media accounts<\/h2>\n
Phishing sites<\/h2>\n
How to protect a company\u2019s reputation from copy-cats?<\/h2>\n