Providing Immediate Early Value, Segasec’s One of a Kind Detection Technique Mitigates Attack on FinTech Website

07 February 2019
Elad Schulman

Our customer is a FinTech company that works within the trading market. This high-risk industry is often targeted with cyber-threats through external phishing schemes. These schemes use false websites that mimic the original in order to trick customers and business partners into disclosing sensitive information.

If successful, attacks can cost a business greatly, in both revenue and brand or reputational damage. Companies could find themselves under regulatory scrutiny, or even facing legal action. For customers, personally identifiable information or financial details can be used for criminal behavior, as well as identity theft and fraud.

Segasec Digital Threat Protection Platform

To ward off these threats, our customer installed our full digital threat protection platform, known to detect phishing attacks that impersonate a company website at the earliest possible stages, while the hacker is still in preparation mode.

In some cases attackers use domain manipulation, starting by registering or acquiring a similar domain to the original. In others, a hacker might attempt content manipulation to launch a consumer phishing scheme by copying your website or your branding, using a different domain name unrelated to your original. With Segasec, the customer has the widest coverage of any solution on the market, benefitting from 24/7 intelligence that scans and monitors for both of these threats, scaling larger and with more variations than any other.

In this case, Segasec’s industry-leading coverage quickly identified an attack on a subdomain belonging to a totally unrelated domain name. Domain protection alone would never have caught this threat.

That’s where our proactive non-domain protection comes in. Our proprietary web agent technology (patent pending) gives customers the earliest possible alert when content duplication is discovered, without drawing unnecessary attention to itself. The hackers remain unaware that anyone is monitoring or reporting on their behavior, and the customer has proactive intelligence to manage a threat.

Forensic Investigation and Take Down

Our next steps were to look into the analytics of the copied website. In this case, we uncovered forensic evidence that allowed us to act quickly, uncover insights on the attack, and take it down before any live threat could be launched.

Customers can benefit from our partnerships with DNS providers, antivirus, spam filters and browser extensions, all of which allow us to mitigate and block attacks automatically, taking them down without relying on exact knowledge of the attacker’s location or identity. Any users or partners who attempt to visit the false website in question will be blocked from entry, eliminating the damage the hackers can do, ultimately protecting the end user. At this point, our collaboration with the abuse departments of hosting companies, domain registrars, law enforcement agencies and legal departments ensures that the threat is removed from the web.

As our track record of zero false positives grows even stronger each day, more partners and providers want to pair with us, utilizing our forensic intelligence to block and remove threats, protecting businesses and their consumers worldwide. Because of this, our take down is only getting faster.

If you’d like to see a demo of our product, and learn more about how Segasec’s complete digital threat platform could protect your business, give us a call.