Anatomy of an Attack
Consumer phishing impersonates your brand with domain spoofing and lookalike emails designed to defraud customers. When your brand is used, consumers lose trust. By not protecting your email-sending domains, you risk blocked mail and poor performance on email marketing campaigns
Phase 1
TargetAcquire List
Today's cybercriminals use sophisticated techniques to build target lists such as leveraging consumer databases and harvesting email addresses stolen through corporate data breaches or purchased on the dark web.
Phase 2
DeliverLaunch Campaign
Email campaigns sent to these lists impersonate brands that consumers know and trust, and employ identity deception techniques such as lookalike domains and domain spoofing to appear legitimate to recipients.
Phase 3
DeceiveCreate Urgency
By creating a sense of urgency through alerts, notifications, password checks and more, these messages use carefully calibrated ploys to trick users into following their call-to-action. Phishing emails typically have an open rate of more than 30%.
Phase 4
ClickElicit Response
Recipients click phishing site links designed to mimic the impersonated brand's login screen. Once credentials or other personal information is submitted, it's unwittingly surrendered to the criminals.
Phase 5
ExploitReap Rewards
The criminals or their agents log into the victim's legitimate account and transfer money, use a stolen credit card number, or place an order to perpetrate the fraud. Beyond financial losses, consumers spend an average of 23 hours cleaning up the mess—and vent frustration at impersonated brands.
