Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
Understand Threats Against Your Domain and Brand
As brands increasingly transact business and engage with customers through their website, having an advanced domain infringement detection strategy is critical. Threat actors can easily and cheaply register domains using trusted brand names to drive monetizable traffic to other sites, phish for sensitive data, distribute malware, sell counterfeit goods, and more.
RiskIQ Domain Threats provides comprehensive detection of brand-related domains combined with the intelligent discovery of a brand’s legitimate domain footprint to identify infringing domain names. Via our proprietary virtual user technology, RiskIQ analyzes a brand’s official site content and behavior. Experiencing websites the same way that real users would ensure that we uncover malicious and fraudulent activities designed to elude detection by other detection methods.
Get the datasheet—External Threat Detection: Domain Threats
Organizations invest significant resources in designing, securing, and driving traffic to official websites to build and preserve customer loyalty and brand trust. However, these investments are undermined—and the security of the company and its customers threatened—when third parties register look-a-like domains containing the brand names, or variations and misspellings of the brand names, to divert users away from the legitimate site or sites.
It’s easy for users to follow links in social media, emails, and on other websites where the actual URL isn’t easily seen. And while many users may notice when they expect to go to www[.]domain[.]com and instead end up at www[.]somethingotherthandomain[.]com, it’s not as easy to see the difference between www[.]domain[.]com and www[.]dornain[.]com (note that the R and N side-by-side look like an M). These threats also use subdomains to target your organization.
Any URL can lead to websites hosting phishing pages, scams and counterfeit goods, or malware. And it’s important to understand the domains, subdomains and actual websites that are using branded terms and look-a-like terms that are targeting your organization.
Watch the Webinar
Subdomain Infringement: The unseen threat that’s running rampant
RiskIQ searches WHOIS registrations and DNS data to identify third-party owned domains and subdomains containing exact matches or close spelling variants to branded terms. Our proprietary discovery technology automatically maps out all of an organization’s legitimate websites and infrastructure. That information is then used to intelligently distinguish between company-owned domains and infringing domains and subdomains. The result is fewer false positives and more accurate risk identification.
After identifying an infringing domain, RiskIQ’s unique virtual user crawling infrastructure intelligently analyzes the web page and HTML code associated with it. The virtual users detect brand references, logos, and other site content, and follow redirects and load scripts that may lead to malicious content or phishing. Virtual users visit websites from multiple geographic locations and browser types, just like a real user would. This provides the additional context needed to determine how threat actors may be using each domain and the risk it poses to the associated organization.
Get the White Paper
Subdomain Infringement: The Unseen Threat
Learn more about the individual threat types that make up the External Threats solution set: