Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
RiskIQ Digital Threat Management Platform Datasheet
Learn about our platform and products.
Read the Datasheet
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
Understand Threats Against Your Domain and Brand
As brands increasingly transact business and engage with customers through their website, having an advanced domain infringement detection strategy is critical. Threat actors can easily and cheaply register domains using trusted brand names to drive monetizable traffic to other sites, phish for sensitive data, distribute malware, sell counterfeit goods, and more.
RiskIQ Domain Threats provides comprehensive detection of brand-related domains combined with the intelligent discovery of a brand’s legitimate domain footprint to identify infringing domain names. Via our proprietary virtual user technology, RiskIQ analyzes a brand’s official site content and behavior. Experiencing websites the same way that real users would ensure that we uncover malicious and fraudulent activities designed to elude detection by other detection methods.
Get the datasheet—External Threat Detection: Domain Threats
Organizations invest significant resources in designing, securing, and driving traffic to official websites to build and preserve customer loyalty and brand trust. However, these investments are undermined—and the security of the company and its customers threatened—when third parties register look-a-like domains containing the brand names, or variations and misspellings of the brand names, to divert users away from the legitimate site or sites.
It’s easy for users to follow links in social media, emails, and on other websites where the actual URL isn’t easily seen. And while many users may notice when they expect to go to www[.]domain[.]com and instead end up at www[.]somethingotherthandomain[.]com, it’s not as easy to see the difference between www[.]domain[.]com and www[.]dornain[.]com (note that the R and N side-by-side look like an M). These threats also use subdomains to target your organization.
Any URL can lead to websites hosting phishing pages, scams and counterfeit goods, or malware. And it’s important to understand the domains, subdomains and actual websites that are using branded terms and look-a-like terms that are targeting your organization.
Watch the Webinar
Subdomain Infringement: The unseen threat that’s running rampant
RiskIQ searches WHOIS registrations and DNS data to identify third-party owned domains and subdomains containing exact matches or close spelling variants to branded terms. Our proprietary discovery technology automatically maps out all of an organization’s legitimate websites and infrastructure. That information is then used to intelligently distinguish between company-owned domains and infringing domains and subdomains. The result is fewer false positives and more accurate risk identification.
After identifying an infringing domain, RiskIQ’s unique virtual user crawling infrastructure intelligently analyzes the web page and HTML code associated with it. The virtual users detect brand references, logos, and other site content, and follow redirects and load scripts that may lead to malicious content or phishing. Virtual users visit websites from multiple geographic locations and browser types, just like a real user would. This provides the additional context needed to determine how threat actors may be using each domain and the risk it poses to the associated organization.
Get the White Paper
Subdomain Infringement: The Unseen Threat
Learn more about the individual threat types that make up the External Threats solution set: