Online scammers are exploiting top bank brands and the global recession in order to lure consumers with offers of refinancing, loan modifications and bailout checks, according to a study released Monday by MarkMonitor Inc.
In the study, the San Francisco-based brand protection company chose four top U.S. and international bank brands and looked for scams that used the terms foreclosure, mortgage, refinance and unemployed. The research involved searching through 134 million public domain records, billions of webpages and 60 million spam messages between March and April.
MarkMonitor found that more than 7,300 domains exploited the four bank brands with 16% of them registered since September 2008. Twenty-four percent of those domains registered since last fall used one of the four terms. That translates to a registration rate of one cybersquatted domain per day using the terms, the company said.
There were 10,000 phishing attacks against the four bank brands, a 36% increase in the first quarter of this year compared to the previous quarter, according to MarkMonitor.
Fred Felman, chief marketing officer at MarkMonitor, said the research shows how scammers are preying on people looking for help with their financial problems in the recession. Some of the sites try to sell credit reports or credit monitoring services while other more nefarious ones try to trick users into giving up personal information that can be used in identity theft schemes.
"We're seeing a lot of different types of sites. They range from someone trying to make an affiliate fee if you travel to their site, to someone who's actually trying to steal your money," Felman said. "And they're doing it on the backs of brands that consumers trust."
Most banks are very active in defending themselves against phishing attacks and other online abuse, he added.
"However, they can always do more -- especially on the cybersquatting side. It's clear some of these [domains] have been around for a while. That would indicate they could be doing more to protect their brands online."
Avivah Litan, vice president and distinguished analyst at Gartner Research Inc., said there's not a lot of industry momentum around what she calls cyber intelligence services, which companies can use for many purposes, including brand hijacking protection.
"Usually companies don't pay attention to this unless they've been hit really hard," she said. "Most security officers are too focused on what's happening inside the network perimeter. They don't stop to think about what's happening outside the perimeter."
In addition to MarkMonitor, companies offering various types of cyber intelligence services include Cyvelliance Inc. (acquired in May by QinetiQ North America), Brandimensions, EMC's RSA, New Momentum LLC and Tiversa Inc., Litan said.
Companies commonly use cyber intelligence services to catch phishing attacks, but overlook how they can be used in many ways, including finding counterfeit sites and intellectual property protection, she said. They're relatively inexpensive; costing about $75,000 to $100,000 per year depending on a company's brand and how much it monitors.
"Some big companies use these services but most companies would rather not spend the money," Litan said. "That's very shortsighted."
MarkMonitor's study was the latest "Brandjacking Index," which the company releases about three times a year.