DigiCert Verified Mark Certificate (VMC) - What, Why & How? 1

DigiCert Verified Mark Certificate (VMC) – What, Why & How?

What is DigiCert Verified Mark Certificate (VMC)?

VMC is a digital certificate that verifies an organisation’s ownership of a logo. It is a sign of authenticity and having it means your organisation has been verified to be the legal owner of your brand logo.

It is required in the implementation of Brand Indicators for Message Identification (BIMI), a relatively new email specification standard in which the email industry is moving towards. In addition, it also helps companies to strengthen and protect their brand power in one of the most important communication tools of our era, emails.

Why is that so? See the difference in the way emails are displayed below and you will understand why.

DigiCert Verified Mark Certificate (VMC) - What, Why & How? 2

The left image is without VMC, whereas
the right image is with VMC implemented.

To have your logo displaying in email inboxes, have you ever wondered how to do it? It is not as simple as changing the profile picture. Instead, you need to correctly implement BIMI to achieve it. After implementation, if the email clients are able to support BIMI, your logo will be rendered next to the “sender” field. End users will see your mark, which means your organisation has been authenticated, even before they start to read your message.

What is BIMI?

BIMI is a collective effort from various email service provider brands such as Google, Mailchimp, Yahoo and many more to define an emerging email specification. It is an initiative to move the email industry towards a secured and consistent email experience, for both businesses and consumers alike.

It is directly connected to strict requirements involving email authentication and advance technical knowledge, especially regarding your DMARC settings. The objective behind BIMI is to encourage businesses to use stronger email authentication, which is more secured and safer for everyone.

DigiCert Verified Mark Certificate (VMC) - What, Why & How? 3

 

Why do you need VMC?

Email communication is moving to the new specification BIMI, which enables organisations to display their verified brand logo in customer’s inbox. The steps to implement BIMI will require you to have a VMC.

However, only some organisations are recognised to act as authorities to verify brand logo in which they will issue a VMC after completing the verification. DigiCert, a leading Certificate Authority (CA) in the world, is one of them and they are known as the pioneer of VMC technology.

VMCs help customers to see a verified organisation’s logo in their inbox, before they even open the email. They help distinguish messages from verified brands among the many emails in the inbox. They also promote DMARC adoption, encouraging brands to take email protection seriously to protect against attacks like spoofing and impersonation.

In addition, they boost the authenticity, recognisability and consistency of a brand experience from email to conversion. They also increase email deliverability, open rates and engagement rates. Displaying a verified brand logo will help drive millions of new brand impressions, as well as controls brand consistency at scale.

DigiCert Verified Mark Certificate (VMC) - What, Why & How? 4

How to implement VMC for BIMI?

To qualify for a VMC certificate, there are a few requirements.

1. Your domains must be fully DMARC compliant. DMARC combats email spoofing and phishing. If you require assistance in setting DMARC, contact us and our team will assist you.
2. Your organization’s logo must be a legally registered trademark. Supported trademark offices include:

  • United States Patent and Trademark Office (USPTO)
  • Canadian Intellectual Property Office
  • European Union Intellectual Property Office
  • UK Intellectual Property Office
  • Deutsches Patent- und Markenamt
  • Japan Trademark Office
  • Spanish Patent and Trademark Office O.A.
  • IP Australia
  • Intellectual Property India
  • Korean Intellectual Property Office
  • Instituto Nacional da Propriedade Industrial

3. The logo file used in your VMC certificate must be an SVG file that adheres to the SVG-P/S profile. Currently, most image editing tools do not support this profile and will require using a specific conversion tool or manually editing an SVG file. Click here to get help with this.

The validation process for DigiCert’s VMCs are the same as EV SSL certificates, but with a few added steps for additional security. Once the validation process is completed, DigiCert will issue a VMC to you and you may proceed to continue implementing BIMI by adding the issued VMC to your BIMI record in the “a=” evidence attribute.

 

 
DigiCert Verified Mark Certificate (VMC) - What, Why & How? 5
 

Simplify and accelerate your VMC business with WebNIC

 

If you are looking for a trusted provider for DigiCert VMC, then WebNIC is your choice. We help you to simplify and accelerate your VMC business, by working closely with DigiCert as one of their award-winning partners. DigiCert VMC is available for purchase now to all our partners. As we have more than 7 years of experience in the SSL certificate industry, you can be assured that your VMC selling journey will be a simple and painless process. Join WebNIC as a reseller and start selling VMC today with us!

 

DigiCert Verified Mark Certificate (VMC) - What, Why & How? 6

About WebNIC

DigiCert Verified Mark Certificate (VMC) - What, Why & How? 7

WebNIC operates a digital reseller platform covering primarily domain name registration for over 800 TLDs, web security services, email and cloud services. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000 active resellers in over 70 countries. With over 20 years’ experience, we accelerate our partner’s growth through a robust platform, attentive support and wholesale pricing. To join us and become a reseller, live chat with us or email us at [email protected].

The Dangers of Phishing Attacks and How to Prevent Them 8

The Dangers of Phishing Attacks and How to Prevent Them

Phishing attacks happen frequently and pose great dangers

Phishing attacks have increased a lot in recent years and they happen very frequently. The reason behind this is because they are very effective and efficient for cybercriminals, but most importantly very profitable for them. Many users and organisations have fallen victim to phishing attacks, whereby their personally identifiable information, credentials and sensitive data have been stolen, resulting in identity theft, loss of money, loss of reputation, loss of intellectual property, as well as disruption of daily normal operational activities. All these act together in posing great dangers to both users and organisations, which more often than not cause irreversible damage.

Understand what are phishing attacks to protect ourselves

The Dangers of Phishing Attacks and How to Prevent Them 9

A phishing attack is the act of committing fraudulent actions in an attempt to “fish” sensitive data out of victims. Cybercriminals do so by impersonating as other renowned brands or entities to trick victims into providing their sensitive data. Our article here provides more info to help you understand what are phishing attacks, in order to help you be better informed about them, as well as be more prepared when facing them.

Notable Phishing Attacks in Real Life

Phishing Attacks Work Because… Humans | Cyber Security Hub

It is important to equip ourselves with knowledge about phishing attacks, because statistics show that phishing attacks are increasing every year, showing no signs of slowing down. Over the years, many companies including high profile companies, have fallen victim to phishing attacks. Some of the most notable examples include below:

  1. Austrian aerospace parts maker, FACC was hit by a whaling attack in 2016, costing the company a whopping $56 million. The CEO at the time, Walter Stephan was impersonated by the perpetrator, in which the attacker sent an email to an employee of the finance department requesting for immediate funds transfer.
  2. American network technology company, Ubiquiti Network was hit by a spear phishing attack in 2015, costing it a loss of $46.7 million in transferred funds. The attack was done by impersonating high ranking executives with spoofed email addresses and domain look-alikes.
  3. Even US giant companies Google and Facebook are not invulnerable to phishing attacks. Between 2013 and 2015, they were reportedly scammed of $100 million in an elaborate wire fraud scheme. Over the 2 years, the attacker sent phishing emails with forged invoices to request payment to be sent to fake bank accounts.
  4. Apple, the most valuable company in the world, is also a victim of smishing. The company brand was used in a fake Apple chatbox, whereby users were informed to have a chance to join a testing program for iPhone 12. Users were requested to pay a delivery charge by being redirected to a malicious website which stole payment card details.
  5. A popular cybersecurity company, RSA was also a victim of phishing attack via email. The email was attached with a virus-infected Excel file, and was opened by an unsuspecting employee of the company. This led to a sophisticated attack on the company’s information systems.

Phishing attacks prevention

As seen above, phishing attacks can pose serious consequences and huge losses to companies, as well as users alike. It is important to know how to prevent phishing attacks. The actions below can help to increase your success in preventing them.

1. Educate your team to identify phishing scams and techniques

Benefits of Group Work - TeachHUB

The Internet is always changing, so does the phishing attack methods. However, most of them will still share some common warning signs that can be identified with proper knowledge and experience through regular security awareness training with your team. With this, it is more likely you are able to avoid a potential attack.

2. Don’t click on suspicious links

WhatsApp suspicious link detection feature is now available for all on Android beta - Technology News

Some links look suspicious and with some practice they can be easy to spot. It is generally advisable to not click any links in emails or instant messages. However, should there really be a need to do so, the general practice and bare minimum is to at least hover over a link to see if the destination is correct. The reason is because some destination URLs can look very identical to a genuine site, set up to phish sensitive data and login/credit card information from whoever that clicked the link. It is always recommended to go straight to the genuine site through search engine, rather than clicking a link.

3. Use free anti-phishing add-ons

The Dangers of Phishing Attacks and How to Prevent Them 10

Most Internet browsers now come with the option to download and install free anti-phishing add-ons. When these extremely useful add-ons are used, they provide instant quick checks on the URLs that a user is visiting, by comparing them to lists of known phishing sites. The add-ons will alert the user if he/she comes across any known malicious sites.

4. Check for the security and secure status of a website

8 Simple Ways to Improve your Website Security

Make sure to look for the “https” in a website URL, as well as a closed padlock icon near the address bar whenever visiting a website. These indicators are the signs of a secured website and you would be safer when submitting any sort of information on this website. If you come across any suspicious websites or are alerted about malicious files, then do not open them to be safe.

5. Monitor and check all your online accounts

Learn how to reset a forgotten password or change your existing passwords.

You should consistently visit your online accounts on a regular basis, as well as change the passwords regularly, too. There is a chance that your accounts might have been compromised without you knowing, and the attackers are enjoying unlimited access to your accounts. A habit of changing your passwords will be extremely effective in preventing this.

6. Never skip or delay browser updates

How to Update Your Browser - How to, Technology and PC Security Forum | SensorsTechForum.com

It can be quite a bother to check for updates of your browsers, and we tend to put them off for later. Make sure you don’t do this. Updates are there for a reason, and they are extremely important in fixing any security loopholes that cybercriminals may take advantage of. It is strongly recommended to update immediately whenever new updates are available to ward off the risks of phishing attacks.

7. Setup firewalls

The role of next-gen firewalls in an evolving security architecture | InsiderPro

Firewalls are extremely effective in preventing hackers and phishers from intruding your system. They act as a shield to prevent cybercriminals, because they need to be broken through before any cyberattacks, including phishing attacks, can be launched effectively. The best case scenario is to apply both desktop firewalls and network firewalls, which strengthen security to prevent phishers.

8. Be extra careful when it comes to pop-ups

How to remove Media Player Update pop-ups [Chrome, Firefox, IE, Edge]

Pop-up windows are commonly used by phishers attempting to launch phishing attacks. They often contain links to malware or malicious websites. You are recommended to install free ad/pop-up blockers to reduce the such risks. Occasionally, some pop-ups might slip through and it is generally advisable to close them. Some will deceive you with a cancel button for you to click, but don’t fall for it. Find and click the “x” in the corner of the pop-up instead.

9. Think twice or even thrice when submitting sensitive info

How Much Private Information Do You Give Away Every Day?

Always remember not to submit your sensitive data when using the Internet, unless you are 100% sure of the safety of the website. When in doubt, visit the main website of the company and ask for clarification. It might be a hassle, but it is worth the effort to be better safe than sorry. Never submit sensitive info on websites you are suspicious of.

10. Implement a complete and powerful web security solution

The cybersecurity industry has evolved by leaps and bounds and there are many great cybersecurity solutions out there now. These solutions provide a comprehensive cyber protection, and they can help to drastically reduce the risks of cybersecurity incidents, including phishing attacks.

The Dangers of Phishing Attacks and How to Prevent Them 11

One such solution is our Sectigo Web cybersecurity solution. This all-in-one and comprehensive web security service includes many powerful cybersecurity functions, including:

  1. Web Detect
  2. Web Patch
  3. Web Clean
  4. Web Backup & Restore
  5. Web Accelerate
  6. Web Firewall
  7. Web Comply

These functions ensure that your system is constantly protected at all times, while giving cybercriminals a hard time to launch any effective cyberattacks on you, including phishing attacks. Why so? That’s because Sectigo Web works 24/7/365 to help you monitor and check for cybersecurity invulnerabilities, giving little to no time to cybercriminals to launch attacks. Start your web security service selling journey with WebNIC now to help combat the plague of the digital landscape, phishing attacks!

About WebNIC

The Dangers of Phishing Attacks and How to Prevent Them 12

WebNIC operates a digital reseller platform covering primarily domain name registration for over 800 TLDs, web security services, email and cloud services. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000 active resellers in over 70 countries. With over 20 years’ experience, we accelerate our partner’s growth through a robust platform, attentive support and wholesale pricing. To join us and become a reseller, live chat with us or email us at [email protected].

Types of Phishing Attacks You Need to Know 13

Types of Phishing Attacks You Need to Know

What is a phishing attack and what does it mean?

The Anatomy of a Spear Phishing Attack: How Hackers Build Targeted Attacks (and why they're so effective)Webinar.

Phishing is a form of cyberattack that is aimed to trick users into giving away their sensitive information, such as credit card details, passwords, bank accounts and any personally identifiable information. It can also be used to deceive users to click a link, which in turn will automatically download malicious files that install malware, ransomware, virus on their computer or phone.

Cybercriminals launch phishing attacks mainly through sending phishing emails, enticing users to open and click them through a false sense of urgency or alert. In fact, 96% of phishing attacks arrive by email, whereas social media, phone calls and any form of communication they can use make up the remaining 4%. Regardless of how the phishing attacks are launched, cybercriminals launch them to try to achieve these goals:

  1. Distribute malware and malicious programs to infect users’ devices.
  2. Steal private information for financial gains or identity theft.
  3. Gain control of your online accounts to further launch more cyberattacks to your connections.
  4. Persuade you to send money or valuable info to them.

Needless to say, both individuals and businesses are equally at risk from phishing attacks without discrimination, because they are highly profitable for cybercriminals. According to data published by Verizon’s 2021 Data Breach Investigations Report (DBIR), phishing is the most common form of security incidents last year, whereby 36% of them involve phishing. FBI also stated that in 2020, phishing was the top incident of the year, and its frequency doubled from 2019. These statistics show us that we will be exposed to phishing attacks eventually, and we should educate ourselves to understand the many types of phishing attacks out there, as well as ways to prevent them.

Understand the different types of phishing attacks

Before getting into the types of phishing attacks, it is important to understand that they can happen through any medium, including emails, phone calls, SMS, social media, hijacked legitimate websites, impersonating websites which look extremely identical to the original websites, or even your Internet connection.

Hence, we have many different types of phishing attacks, based on how they are delivered. Since technology is rapidly changing and improving, therefore phishing attacks are also the same, which is why this list of phishing attack types will constantly grow and change as well. We list out a number of common ones below:

Phishing email

What is a Phishing Attack And How do You Steer Clear of Them? - Business  Review

As mentioned above, 96% of phishing attacks are delivered through phishing emails. Cybercriminals incite fear, greed and urgency by sending fake emails to users, which request them to click a link, reply with personal info, open an attachment or send a payment etc.

Domain spoofing

How Ads.txt Can Stop Domain Spoofing | Radware Bot Manager

This type of phishing attack works by impersonating email addresses of valid businesses or websites to send phishing emails. Cybercriminals use very similar characters to replace certain characters in the original sender’s email address, which looks very alike if not observed in detail. For example, imitating @microsoft.com with @micros0ft.com.

Voice phishing (vishing)

Tips to Avoid Phishing # 6 — Voice Phishing (Vishing) | by  ReputationDefender | Medium

Vishing is a phishing attack whereby scammers call you, impersonating as a valid person or representative from a company, government agency or charitable organisation. Their aim is to trick you into giving up your personal information or steal money from you.

SMS phishing (smishing)

Received an SMS claiming to be from UOB? It could be a phishing website

Smishing is a type of phishing attack which is delivered through SMS messages. The scammer imitates a valid organisation and sends short messages to trick you into clicking a link to visit a site. The site is malicious and usually contains dangerous programs for the next stage of attack.

Social media phishing

Facebook Phishing Attacks Hidden In Video Links | The Social Media Monthly

Scammers use social media to create posts or send direct messages to persuade unsuspecting users into clicking a link. They usually use too good to be true offers/giveaways, skeptical “official” business profiles, or pretend as your friend to ask for your help, in order to attract users into doing something. Some go as far as acting as your friend and building a relationship with you before going in for the final attack, which is known as social engineering.

Spear phishing

What is spear phishing | MCG TechTalk

This type of phishing attack is also known as targeted phishing attack. It targets a specific individual or a group of individuals by researching their interests and profiling them based on their online activities. Then, scammers will use specifically structured messages or details to appeal to the victims and trick them into giving valuable information or details. For example, a mid-level executive might be targeted to trick him into giving info about higher executives because they have access to even more valuable information, in which they become the target for the next phase of attacks.

Whaling

What is Whaling Phishing & How Does it Work? | Agari

Whaling is also known as business email compromise (BEC), which is a form of spear phishing that targets high-profile employees. Examples include CEO, CFO or any C-suite employees, whereby they are impersonated by scammers to pressure others into wiring transfers or sharing credentials. It can also include pretending to be a vendor with a fake invoice requesting for payment.

Clone phishing

8 types of phishing attacks and how to identify them | CSO Online

In this type of attack, scammers duplicate previously sent legitimate messages to send to users again. However, they have replaced the original links and attachments with malicious ones. The messages can be emails, fake social media accounts or any text messages to trick users.

There are also cases where legitimate websites are hijacked or imitated to deliver phishing attacks. Here are a few examples:

Watering hole phishing

Watering Hole Attacks | TheCyberPatch

This type of phishing attack is done by cybercriminals through targeting popular sites that many users use. The aim is to try to exploit the sites’ security weaknesses to launch other phishing attacks to compromise the users, such as delivering malware, malicious links redirection and other cyberattacks.

Pharming

What is Pharming? | How to Prevent Pharming Attacks

Pharming also means DNS cache poisoning, where cybercriminals install malicious programs to redirect a website’s traffic to another fake phishing website. This form of attack is done by modifying host files on a server or exploiting DNS server vulnerability.

Typosquatting

Typosquatting What is it, what is it for and how to avoid this type of  computer attack? - Computing Mania

Typosquatting refers to URL hijacking, and it is done by targeting people who type incorrect URLs. Cybercriminals create a website with a URL that looks identical to a targeted safe website, but with a very small spelling variation. For example, google.com was targeted in 2006 using goggle.com to trick users into using another fake phishing website.

 

Clickjacking

Clickjacking Attacks: What They Are and How to Prevent Them | Netsparker

In clickjacking phishing attacks, cybercriminals use website vulnerabilities to insert unseen malicious links to the website’s UI elements, so that users unsuspectingly clicked the malicious links. Clickjacking can also be done by using dangerous pop-ups to entice users to click them via inducing greed, fear or urgency.

Tabnabbing

Tabnabbing Attacks and Prevention – AppSec Monkey

This type of phishing attack happens when a user has opened a lot of tabs and left them inactive, during the course of his multitasking. This provides an opportunity for cybercriminals to reload the tabs into fraudulent websites, tricking users into thinking the tabs are the same and handing over their credentials. This can be done because cybercriminals have compromised the network.

HTTPS phishing

Phishing sites trick users with padlock and HTTPS | TechRadar

In the past, malicious websites usually do not have HTTPS, and we can easily identify them. However, now any site can get this, and cybercriminals can create a HTTPS website easily, giving the illusion of a classic “safe website with a padlock next to the URL”. In reality, it is a malicious website, and any info submitted to the website will be in the hands of the cybercriminals.

Some other phishing attacks worth mentioning that we should be aware of include:

  1. Evil twin – public wifi Internet connection mimicking
  2. Search engine results phishing – fraudulent websites appearing on search results before a legitimate one
  3. Angler phishing – impersonating a company’s official customer representative to trick users to give details
  4. Cryptocurrency phishing – phishing attacks that target cryptocurrency wallets

The Internet landscape is constantly evolving, and so do the different ways of phishing attacks. This list on the types of phishing attacks is not exhaustive and it will always be changing. The ultimate objective is to trick users into clicking a link and tricking them to give up their credentials. Fortunately, due to this common nature, it is possible to correctly identify phishing scams and prevent them. Stay tuned for the next blog on how to identify, avoid and prevent them.

About WebNIC

Types of Phishing Attacks You Need to Know 14

WebNIC operates a digital reseller platform covering primarily domain name registration for over 800 TLDs, web security services, email and cloud services. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000 active resellers in over 70 countries. With over 20 years’ experience, we accelerate our partner’s growth through a robust platform, attentive support and wholesale pricing. To join us and become a reseller, live chat with us or email us at [email protected].

Root SSL Certificate Expiry and What Happens Next for Brands 15

Root SSL Certificate Expiry and What Happens Next for Brands

A root certificate used by Let’s Encrypt has expired and caused problems for some companies and users.

Foto Artikel : Mengelola Kebocoran Emosi - Kompasiana.com

The specific root certificate mentioned here that expired on 30 September 2021 is the IdenTrust DST Root CA X3. It was created back then in the year 2000, which has a validity period from 30 September 2000 to 30 September 2021. Most people probably won’t be affected by this expiry problem, but certain groups of people or companies have definitely come across some problems caused by this expiry, particularly those that that are still using old devices, old system infrastructure or old versions of operating system.

To understand the reason why this happens, it is important to know about how Certificate Authorities (CA) work and how the SSL certificate chains work. It is important to understand the concept of chain of trust in terms of SSL certificate, which is the foundation of the entire SSL certificate industry.

To make it simple, all certificates that enable HTTPS on the Internet are issued by a CA, an organisation that is trusted and accepted by devices or operating system (OS). For example, the image below shows the list of “Trusted Root Certificate Authorities (CA)” on a Windows 10 device.

Root SSL Certificate Expiry and What Happens Next for Brands 16

The different levels in the hierarchy of SSL certificates

SSL certificate is usually categorised into 3 levels of hierarchy, the top-level root certificates, followed by the second level intermediate certificates and lastly the third level leaf certificates or end-entity certificates.

CA function as an entity to issue root certificates, which is the top-most level in the hierarchy of the certificate chain of trust. Most of the time, they are typically valid for around 20 years. These root certificates are then used to issue the second level intermediate certificates, which are typically valid for around 3 – 6 years. The intermediate certificates are then used to issue the third level leaf certificates, the ones that websites around the world get. They are typically valid for around 90 days to 1 year.

These 3 levels of SSL certificate work together to establish a chain of trust, which serves as the foundation of how the SSL certificate industry works. Leaf certificates are chained to intermediate certificates, while intermediate certificates are chained to root certificates. In the case of the expiry of Let’s Encrypt’s root certificate, IdenTrust DST Root CA X3, the image below shows its chain of trust.

ISRG Certificate Hierarchy Diagram, as of December 2020

Let’s Encrypt root certificate expiry

Using Expired Detergent - Alconox Blog: TechNotes

Now that IdenTrust DST Root CA X3 has expired, any users of SSL certificates that were chained to this root certificate will face problems when trying to access the Internet. Some services by famous brands might also face interruptions in delivering their service to end users due to this problem. As the scale of usage of Let’s Encrypt’s SSL certificate is very large, probably millions of people or companies will be affected, particularly those that use old devices, old system infrastructure or old versions of operating system as mentioned above.

Scott Helme, a security researcher, entrepreneur and international speaker who specialises in web technologies, listed in his blog the clients that will break after the IdenTrust DST Root CA X3 expires. These include versions of macOS older than 10.12.1, Windows versions older than XP Service Pack 3, iOS versions older than iOS 10, OpenSSL versions less than and including 1.0.2, and Firefox versions older than 50.

What happens when a root certificate expires?

Let’s Encrypt’s Executive Director, Josh Aas, mentioned that when leaf certificates (end-entity certificates) expire, it typically has very little impact, as it only pertains to a small number of websites and they renew automatically. However, when root certificates expire, there can be more widespread impact because the number of certificates chained to them is larger, hence client operating systems or browsers may need to be upgraded to fix problems. However, that isn’t always an option for older devices or deployments.

When root certificates expire, most clients’ devices or operating systems will automatically update the system list of “Trusted Root Certificate Authorities (CA)”, and the expired root certificate will be automatically removed through system updates. From here onwards, whenever the clients come across any SSL certificate that chains from the expired root certificate, an error occurs. An example of the error message of an expired SSL certificate is shown below.

Root SSL Certificate Expiry and What Happens Next for Brands 17

A note worth mentioning is that the browser Firefox maintains its own list of trusted root certificates, independent from a system’s built-in list. You can learn more about it here.

Conclusion

As Let’s Encrypt SSL certificate comes free, therefore the team behind it is not really required to provide users with any service commitment in situations like this. When it comes to issues like this, it is up to the user’s technical capabilities to solve them. The best there is to offer is the community forum support from the people who are passionate about it.

Besides, with the recent outages of mainstream services such as Facebook, Instagram and WhatsApp, which went down for 6 hours on October 5, 2021, it is important to advise your customers to have a backup plan for their online business, in case unfortunate events all happen at the same time and affected their business operations severely.

The Small Business Guide to Cybersecurity | SCORE

The best advice you can give to your customers is to always build their own website, instead of relying on free services, as mainstream service is not a guarantee that it will last until the end. With this in mind, WebNIC wants to help you to assist your customers in building their website and owning their domain names. You can now pay a very little amount to get a DV SSL certificate (from as low as USD4.00 only) for 1 year, with access to guaranteed support from WebNIC. Let your customers know that having a website is much safer, because if social media dies off, at least they would not disappear completely with it in the online world, because there is still a backup ready.

Register domain and buy SSL certificates for your customers with WebNIC

DigiCert Smart Seal

WebNIC is an accredited registrar of over 800 TLDs and a trusted provider of more than 50 brands of SSL certificates to suit your different needs. We have more than 20 years of experience in the domain wholesale and reseller service, as well as more than 7 years of SSL certificate experience. You can be assured that we will provide the best service experience in helping you to register domains and buying SSL certificates. Join WebNIC as a domain and SSL certificate reseller to start selling with us today!

About WebNIC

Root SSL Certificate Expiry and What Happens Next for Brands 18

WebNIC operates a digital reseller platform covering primarily domain name registration for over 800 TLDs, web security services, email and cloud services. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000 active resellers in over 70 countries. With over 20 years’ experience, we accelerate our partner’s growth through a robust platform, attentive support and wholesale pricing. To join us and become a reseller, live chat with us or email us at [email protected].

Q2 2021 Top 10 Most Impersonated Brands in Domains 19

Q2 2021 Top 10 Most Impersonated Brands in Domains

What are the top 10 most impersonated brands in Q2 2021 in terms of spoof domains?

Phishing, monetary gain and supply chain attacks characterise cybercrime - Opera News

Cybercriminals often use spoof domains to impersonate world-renowned brands to trick Internet users into giving their confidential information to them. In addition, they also use these spoof domains as attack vectors to perform cyberattacks, such as malware distribution, ransomware, virus etc.

The easiest way for cybercriminals to do so is to take advantage of the reputation of famous brands. Therefore, they love to impersonate these brands by using domains that contain the brands’ names, use similar typo which involves a brand name or the more advance method of hosting content that mimics the brand’s content. It is important to prevent all these threats by implementing digital brand protection measures.

Cybercriminals love to impersonate famous brands and here are the top 10 most impersonated brands in Q2 2021.

Q2 2021 Top 10 Most Impersonated Brands in Domains 20

The graph above shows that these brands are the most impersonated brands when it comes to spoof domains. It is quite a problem because this means cybercriminals are intentionally registering spoof domains related to these brands to defraud end users. In other words, the domain attack surface size of these brands is large, because there are many spoof domains related to their brand name. As a result, they tend to be more vulnerable and have a higher chance of being taken advantage by cybercriminals to damage their brand reputation and image.

As a part of cybersecurity measures, there is a continual and never-ending process known as domain attack surface discovery. In this process, cybersecurity professionals discover spoof domain and subdomain names related to a brand that can be used as attack vectors to launch cyberattacks. The larger the domain attack surface, the more vulnerable a brand is. On the other hand, the more attack vectors discovered by cybersecurity professionals, the higher the chance to mitigate a cybersecurity incident.

In this blog, we will address these main questions to give you a better idea of what is the domain attack surface for 10 most spoofed brands:

  1. What percentage of the domains discovered can be publicly attributed to the brands they contain?
  2. What top-level domains are mainly used?
  3. Are any of them already considered malicious?

The brands mentioned here are based on a study by Check Point’s Brand Phishing Report. The report lists companies that are found to be the most imitated brands by hackers in their phishing campaigns.

How large is the total domain attack surface size accumulated across these 10 brands?

The 10 brands accumulated over 42,000 domains and subdomains as per the data sample prepared by WhoisXML API, a domain research, WHOIS, DNS, and threat intelligence API and data provider. These domains were added from 1 July to 3 August 2021, roughly at least 12,000 domains and 30,000 subdomains, added within a span of only four weeks. A more detailed breakup for the numbers of each brand is shown in the chart below.

Q2 2021 Top 10 Most Impersonated Brands in Domains 21

Although Microsoft is the most impersonated brand, the chart clearly shows that Amazon has a much larger domain attack surface, compared to Microsoft. Amazon is used in close to 12,000 domains and subdomains, compared to Microsoft at roughly 1,000 domains and subdomains. Some examples of the domains and subdomains are shown in the image below:

Q2 2021 Top 10 Most Impersonated Brands in Domains 22

How many of these domains and subdomains are publicly attributable to the brands they contain?

Highly skilled & well-funded: The new booming threat in cybercrime |  2021-03-01 | Security Magazine

For the discovered 42,000 domains and subdomains, some of them are likely owned by the brand’s owners, whereas most of them are spoof domains. WhoisXML API did some investigation by checking the registrant email addresses of the brands’ official domains from WHOIS Search and WHOIS History Search. The email addresses were then compared to the WHOIS records of these 42,000 domains through Bulk WHOIS Lookup.

60% of these domains return a result, and the rest could not be verified probably due to them already dropped by the owner. Of these domains that return a result, only 24 domains or 0.09% of the 42,000 domains use the same official registrant email addresses as the brands’ official domains. Hence, the investigation’s conclusion is that 99.91% of these 42,000 domains are spoof and cannot be publicly attributed to the brands and could have been registered and managed by other entities, including cybercriminals.

What is the distribution of the top-level domain (TLD) among these domains?

WhoisXML API also found something interesting when analysing the TLD distribution of these 42,000 domains. It found out that for these 10 most imitated brands, 35% of them falls under the .com space, while the rest are distributed across 209 other TLDs, including country-code TLDs. The top 10 TLDs are shown below:

Q2 2021 Top 10 Most Impersonated Brands in Domains 23

How malicious are these domains?

Expired Domains Leading Users to Malicious Websites

WhoisXML API also did some further investigation to check the malicious status of these domains. It took 30% of the samples and ran threat analysis on these domains to see if they have been reported as malicious. Disturbingly enough, 68% of these samples which were analysed for threats are listed on blocklist sites, such as VirusTotal and Google Safe Browsing. These domains are usually only 1 to 2 months old at the time of writing, and have already been reported as malicious.

Conclusion

Q2 2021 Top 10 Most Impersonated Brands in Domains 24

In summary, the top 10 most impersonated brands in Q2 2021 have been linked to around 42,000 of spoof domains and subdomains. These domains were added in just a short 4 weeks only, and almost all of them cannot be publicly attributed to the brands they contain. To make things worse, 30% of the samples used to perform threat analysis are malicious. This study shows the severity of domain spoofing is not to be taken lightly, and that a large domain attack surface is very real and pose significant threats. WebNIC would like to ask you to make sure to take cybersecurity seriously for your business or your customers’ business. As a starter, you may check out our Sectigo Web service, a modern all-in-one and comprehensive web security service.

About WebNIC

Q2 2021 Top 10 Most Impersonated Brands in Domains 25

WebNIC operates a digital reseller platform covering primarily domain name registration for over 800 TLDs, web security services, email and cloud services. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000 active resellers in over 70 countries. With over 20 years’ experience, we accelerate our partner’s growth through a robust platform, attentive support and wholesale pricing. To join us and become a reseller, live chat with us or email us at [email protected].

DigiCert Smart Seal - The Brand New Dynamic Site Seal 26

DigiCert Smart Seal – The Brand New Dynamic Site Seal

Introducing DigiCert Smart Seal, a brand new dynamic SSL secure site seal

A brand new member to the SSL site seal family is now available from DigiCert, one of the most trusted names in the SSL industry. The SSL site seal has been around for some time, and DigiCert is making great strides to redefine it in this whole new modern era of digital landscape. Hence, just a few months ago they launched the DigiCert Smart Seal, a brand new dynamic SSL secure site seal. In case you are not sure what is this, click here to read more about SSL certificate site seal indicator and its importance.

What is DigiCert Smart Seal?

DigiCert Smart Seal is a modern approach to the traditional SSL secure site seal. It is more than just a seal in which it incorporates real-time security indicators with users’ microinteractions, giving them extra confidence and empowering their trust when they browse a site. The powerful feature of a DigiCert Smart Seal is that it is able to dynamically display identity and PCI status with an industry-first verified logos and other modern features, which is not found in any other SSL site seals.

What is different in DigiCert Smart Seal?

Conventional SSL secure site seal for most of the time, has been just static images, which can be easily duplicated to deceive users. However, DigiCert Smart Seal is different. It is just like any SSL secure site seals, but smarter and improved.