Anti-Phishing Service
How To Protect Your Brand From Fraud?
Thomsen Trampedach offers a bespoke anti-phishing/brand-impersonation monitoring service that focuses specifically on brand impersonation with field-proven monitoring capabilities, and a dedicated anti-phishing mailbox that is managed on the client’s behalf. In short, the customizable service includes:
- Creation and management of a phishing mailbox to which the organization can report perceived abuse for action and control.
- Monitoring of newly registered domain names
- Monitoring of hostnames in newly published SSL certificates
- Monitoring of Social Media.
- Monitoring of Paid Ads
- Monitoring of Phishtanks (directories of phishing scams)
Last year alone for one of our clients, our team analyzed hundreds of thousands of perceived risks and took action on 19549 unique websites, closing over 85 % of them.
Anti-phishing Mailbox
Thomsen Trampedach will set up an anti-phishing mailbox with a dedicated incident team. Anyone in your organisation is encouraged to forward fraudulent attempts to our team. Our team will analyse the threat and through the use of semi and automated enforcement mechanisms in our case-management system report the threat to the various ISPs promptly. The dedicated account manager will help set up ‘how-to’ guides for your website to guide recipients through the necessary steps for submitting the fraud to our team.
“During certain global malicious campaigns our team analyse and address over 4000 perceived scam emails a day”
Monitoring Capabilities
Web Monitoring
We offer Web monitoring for phishing cases by performing reverse searches for unique identifiers from the existing cases collected from various sources such as abuse-mailboxes, domain monitoring or threat exchangers with the scope of proactively detecting unreported phishing pages, gathering data, and neutralising the attacker’s infrastructure.
Domain Monitoring
Our team investigate newly registered domain names daily, and suspicious domain registrations are added to our brand protection case management system and immediately enforced when signs of fraudulent or malicious behavior are detected.
SSL Monitoring
The majority of online abuse such as phishing, harmful activity, and brand impersonation is happening on websites having a Secure Sockets Layer (SSL) certificate.
An SLL certificate enables an encrypted connection between the browser and the web server, and websites without an SSL certificate are often categorised as not safe by browsers. Most users today associate websites starting with HTTPS (SSL certified) as secure. This perceived safety assurance together with the easy setup of an SSL certificate has made this the new arena for fraud.
Thomsen Trampedach has developed a solution that monitors in real-time newly published SSL certificates from transparency Certificate logs and scans for our client’s brand names in the domain name (hostname / common name) that is protected by the SSL certificate. The results are categorised according to risk in our case-management and enforcement system, which allows our team of professionals to proactively act on the biggest threat to our clients as they happen in real-time.
“Our SSL monitoring solution scans approx 5 million certificates a day.”
Social Media Monitoring
Our team monitor Social media and enforce unauthorised activities such as impersonation including in paid ads, via available tools (such as Facebook’s Commerce & Ads IP Tool).
Monitoring of Phishing Directories
Thomsen Trampedach anti-fraud solution includes monitoring of directories of phishing scams, and has developed a tool that automatically scans the biggest databases of phishing.
Deep dive investigations
Our team can perform deep dive searches about phishing cases that require extra attention from the client or even the involvement of public authorities and issue reports with the gathered information.
Anti-Phishing Working Group (APWG) Partner
Thomsen Trampedach is a proud partner of the Anti-Phishing Working Group (APWG), and contributes to APWG’s collective databases on phishing and cybercrime.
Your Questions
Our Answers
Most important is to act quickly against the fraud, thereby reducing its effectiveness. Once the risk is analysed, any fraudulent emails should be included as evidence to the internet service providers (ISP), together with a clear explanation of how the email/website is engaging in fraudulent behaviour.
SSL monitoring is essential for anti-phishing services as it provides a stream of data that enhances the industry standard domain name monitoring result. From SSL monitoring one can find abuse happening in sub-domains such as brand.buyglobal.com, data that is not retrievable in registry databases. This is important as a big part of brand impersonation online is happening in sub-domains and not in the domain name.
DANSKE BANK
We appreciate working with Thomsen Trampedach as our full service domain name and online brand protection provider, as they do not only deliver stable and secure domain name services, but also add value by assisting us in formulating and adapting our online brand protection strategy in alignment with our general branding and security strategies. We truly value their commitment, their agility and their unique industry insight as well as their deep understanding of how big corporations work.
Attorney-at-Law
Senior Chief Legal Adviser
Koncern Jura/Group Legal
Danske Bank A/S
Deutsche Post DHL Group
Thomsen Trampedach has proven to be a competent time and money-saving full-service partner in all areas of online brand protection. They protect our company’s brands, Deutsche Post and above all DHL, from phishing attacks as well as cybersquatting and support us in all matters of online trademark infringements including social media.
Deutsche Post DHL Group Brand Management, Domain Management, and Digital Coordination
Related Resources
Articles which are related to this expertise.
Brand Protection in the domain name space: A strategic interplay of defensive registrations, active monitoring and offensive enforcement.
Most thing you need to know about Domain Name Monitoring.
How Domain Name Monitoring Works
Most thing you need to know about Domain Name Monitoring.