RiskIQ External Threat Detection: Domain Threats
As brands increasingly transact business and engage with customers through their website, having an advanced domain infringement detection strategy is critical. Threat actors can register domains using trusted brand names to drive monetizable traffic to other sites, phish for sensitive data, distribute malware, sell counterfeit goods, and more.
RiskIQ Domain Threats provides comprehensive detection of brand-related domains combined with the intelligent discovery of a brand’s legitimate domain footprint to identify infringing domain names. Via our proprietary virtual-user technology, RiskIQ analyzes a brand’s site content and behavior. Experiencing websites the same way that real users would ensures that we uncover malicious and fraudulent activities designed to elude detection by other detection methods.
What Does RiskIQ Domain Threats Do, Exactly?
Comprehensive domain infringement and threat discovery.
RiskIQ searches WhoIs registrations and Passive DNS data to identify third-party owned domains and sub-domains containing exact matches or close spelling variants to branded terms. Our proprietary Discovery technology automatically maps out all of an organization’s legitimate websites and infrastructure and that information is used to intelligently distinguish between company-owned vs. infringing domains and sub-domains. The result is fewer false positives and more accurate risk identification.
After identifying an infringing domain, RiskIQ’s unique virtual user crawling infrastructure intelligently analyzes the website associated with it. The virtual users detect brand references, logos, and other site content, and experience any malicious redirect and other illicit behaviors from multiple geographic locations and browser types—just as a real human user would. This provides the additional context needed to determine how threat actors may be using each domain and the risk it poses to the associated organization.
Who Needs It?
Organizations like yours invest significant resources in designing, securing, and driving traffic to official websites to build and preserve customer loyalty and brand trust. However, these investments are undermined—and the security of the company and its customers threatened—when third parties register look-a-like domains containing the brand names, and variations and misspellings thereof, to divert users away from the legitimate site or sites.