Phishing Attacks

Arguably the most common corporate identity theft scam today is Phishing (adapted from “fishing for information”), a scenario that usually involves an e-mail message asking consumers to update their personal information with a link to a spoofed Web site. To give their schemes a legitimate look and feel, fraudsters commonly steal well-known corporate identities, product names and logos.. What makes phishing successful is the ease with which seemingly authentic Web sites and e-mail stationery can be constructed.

Another common form of corporate identity theft is the initiation of a fake e-commerce business that purports to distribute branded products. Examples include common consumer goods, mortgages, online pharmacies and discounted software. As in Phishing example above, these fake sites drive traffic via advertisements sent out in the form of junk e-mail, often with an offer "too good to be true," such as a very low price, below-market interest rate or "no prescription required." While most businesses understand the impact that unauthorized product distribution has on revenues and margins, they are often less aware of the liabilities associated with this same activity. Incorrect or improper product sales pose risks to consumer safety and brand reputation and whilst the ‘hard costs’ associated with recovering from this type of attack can be calculated, the ‘soft costs’ in brand damage although difficult to estimate are usually significantly higher and only become apparent over time.

For more information on how to avoid Phishing scams, and for software solutions to minimize the risk of attack, visit our resources section.