Fraud Detection

Protect Your Brand Online

The Netcraft Phishing, Identity Theft and Fraud Detection service helps you to protect your brand by pre-emptively identifying possible attacks and fraudulent sites.

The service works by tracking occurrences of your organisation’s name, brands, trademarks and slogans on the Internet. The service helps companies identify sites which may be trying to commit fraud, construct phishing attacks, or attempt identity theft through impersonation, or are fraudulently implying a non-existent relationship with the company.

Common forms of online attack include phishing (attempts to deceive account holders into giving their account credentials away), fraudulent association as part of investment scams, and trademark violation.

phish-example

Through the Netcraft Web Server Survey, we have details of over 600 million website hostnames, and the front page content for over 90 million sites. We are able to check each of these for the occurrence of your company’s domains, trademarks and commonly used phrases.

We receive phishing reports from our anti-phishing community around the world, with over 11.2 million attacks blocked to date [November 2014].

With this information, we are uniquely placed to monitor the internet for these attacks, and inform you in a timely manner.

Comprehensive Searches

  • DNS Searches: Domains which are deceptively similar to your legitimate websites lend credibility to a phishing attack. Netcraft monitors DNS registrations daily for specific alert patterns, and also probing of potential domains at common TLDs and registrable points (e.g. .com, .net, .free.fr).

  • Front Page Searches: Since there is no guarantee that a fraudulent website will be using a suspicious domain, Netcraft also searches the front page content of websites found by the Netcraft Web Server Survey.

  • SSL Site Searches: Phishing attacks which make use of SSL certificates are especially dangerous as most users associate the presence of a valid SSL certificate with an increased level of assurance. The Netcraft SSL Server Survey gives us the ability to search over 5 million SSL certificates for forgeries.

  • App Store Searches: Increasingly companies are providing their services to users through mobile phone applications (apps); this has given rise to fraudsters creating apps which impersonate legitimate company applications to gain access to a user’s security details. Netcraft regularly searches many different official and unofficial stores for apps which mention your brand.

  • Social Media Searches: Many companies now maintain a presence on social media websites, however there can often be multiple un-authorized accounts present on these sites which can mislead and confuse customers. Netcraft regularly searches for customer specific patterns in order to find fraudulent Facebook pages and Twitter accounts.

  • Search Engine Advertising Searches: Fraudsters are taking advantage of people’s reliance on search engines by paying for sponsored listings to promote their phishing sites to users. Netcraft detects adverts targeting your brands including country specific adverts, on sites including Google, Bing, Yahoo, DuckDuckGo, automatically classifying and monitoring the resulting websites to detect those which are phishing.

  • DMARC Forensic Report Processing: Forging the headers of emails to use a target’s real domain is a common tactic for phishers. Netcraft processes DMARC (Domain-based Message Authentication, Reporting and Conformance) reports on your behalf, which are sent by ISPs and e-mail receivers when they see any emails which claim to be from one of your own domains. A web interface shows the status of all of your own domains, any configuration changes required, and highlights unprotected domains being used by fraudsters attacking your customers.

Transparent Reporting

The results for all of the searches are made available to you via a web interface, together with detailed site information (hosting locations, registrations details, etc), and reviewed into categories including ‘owned by company’, suspicious, benign (e.g., Mention on a news or personal site), unavailable, or phishing.

fraud-protection-preview

Results are monitored daily for changes in content, ensuring fast reactions to any sites that become fraudulent.

Phishing Alerts

Receive real time alerts of phishing sites targeting your company reported from the Netcraft Anti-Phishing Community.

Next Steps

Please contact us sales@netcraft.com, +44-1225-447500, with details of your company’s names, brands, trademarks and slogans that you would like to monitor.

We can also offer bespoke approaches as required.