The Netcraft Fraud Detection service helps you to protect your brand by pre-emptively identifying possible attacks and fraudulent sites.
The service works by tracking occurrences of your organisation’s name, brands, trademarks and slogans on the internet. The service helps companies identify sites which may be trying to commit fraud, construct phishing attacks, or attempt identity theft through impersonation, or are fraudulently implying a non-existent relationship with the company.
Common forms of online attack include phishing (attempts to deceive account holders into giving their account credentials away), fraudulent association as part of investment scams, and trademark violation.
Through the Netcraft Web Server Survey, we have details of over 1.1 billion website hostnames [May 2022] , and the front page content for 216.2 million sites. We are able to check each of these for the occurrence of your company’s domains, trademarks and commonly used phrases.
We receive phishing reports from industry partners, spam emails and our anti-phishing community. We’ve blocked over 146 million attacks to date [May 2022] .
With this information, we are uniquely placed to monitor the internet for these attacks, and inform you in a timely manner.
- DNS Searches: Domains which are deceptively similar to your legitimate websites lend credibility to a phishing attack. Netcraft monitors DNS registrations daily for specific alert patterns, and also probes for potential domains at common TLDs and registrable points (e.g. .com, .net, .free.fr).
- Front Page Searches: Since there is no guarantee that a fraudulent website will be using a suspicious domain, Netcraft also searches the front page content of websites found by the Netcraft Web Server Survey.
- SSL Site Searches: Phishing attacks which make use of SSL certificates are especially dangerous as most users associate the presence of a valid SSL certificate with an increased level of assurance. Netcraft monitors Certificate Transparency (CT) logs together with 109.3 million SSL certificates found by the Netcraft SSL Server Survey to detect certificates issued to domains and hostnames that are deceptively similar to your own.
- App Store Searches: Increasingly companies are providing their services to users through mobile phone applications (apps); this has given rise to fraudsters creating apps which impersonate legitimate company applications to gain access to a user’s security details. Netcraft regularly searches many different official and unofficial stores for apps which mention your brand.
- Social Media Searches: Many companies now maintain a presence on social media websites, however there can often be multiple un-authorized accounts present on these sites which can mislead and confuse customers. Netcraft regularly searches for customer specific patterns in order to find fraudulent Facebook pages as well as Twitter and Instagram accounts.
- Search Engine Advertising Searches: Fraudsters are taking advantage of people’s reliance on search engines by paying for sponsored listings to promote their phishing sites to users. Netcraft detects adverts targeting your brands including country specific adverts, on sites including Google, Bing, Yahoo, DuckDuckGo, automatically classifying and monitoring the resulting websites to detect those which are phishing.
- DMARC Forensic Report Processing: Forging the headers of emails to use a target’s real domain is a common tactic for phishers. Netcraft processes DMARC (Domain-based Message Authentication, Reporting and Conformance) reports on your behalf, which are sent by ISPs and e-mail receivers when they see any emails which claim to be from one of your own domains. A web interface shows the status of all of your own domains, any configuration changes required, and highlights unprotected domains being used by fraudsters attacking your customers.
The results for all of the searches are made available to you via a web interface, together with detailed site information (hosting locations, registrations details, etc), and reviewed into categories including ‘owned by company’, suspicious, benign, unavailable, or phishing.
Results are monitored daily for changes in content, ensuring fast reactions to any sites that become fraudulent.
Receive real time alerts of phishing sites targeting your company reported from the Netcraft Anti-Phishing Community.