Phishing Attacks in the Cloud – Effective Strategies to Protect Your Brand

Akino Chikada

Brand Protection, Product Marketing, MarkMonitor

© 2015 MarkMonitor Inc. All rights reserved.


Post on 13-Mar-2018



Agenda

Online Fraud Lifecycle and Trends

Fraudsters Target SaaS/Cloud-Based Companies

How Fraudsters Monetize

Business Impact

Considerations & Best Practices

Q&A Session


By 2015, 3.2 billion people will be using the internet

Global Internet Adoption

Source: http://www.internetlivestats.com/internet-users/


The Online Fraud Lifecycle

Fraudster Lifecycle: Setup Phishing Attack → Launch Phishing Campaign → Collect Credential & Monetize

Traditionally, the financial industry has always been a primary target for phish attacks

In H1 2015, 41% of the phishing attacks targeted the financial industry


…Today, Fraudsters Are Evolving Their Targets

[Chart: y-axis 0 to 45000; series: Non-Financial Institution Companies, Grand Total, Linear (Grand Total)]

Source: MarkMonitor


Cloud & SaaS Defined


The Cloud - a way of delivering data to any digital device, anywhere and at any time

SaaS:

• Most predominant type of cloud computing

• Software that is owned and managed remotely by a provider that delivers their software to users remotely at any time

• Often a “pay-as-you-go” basis or subscription-based


Why SaaS Companies?

Funding for SaaS companies was $11.7 billion in 2014, up 70% over the past year; and funding tripled since 2011

A third of businesses worldwide are moving applications from locally hosted servers to SaaS environments*

Global SaaS software revenues are forecasted to reach $106B in 2016, increasing 21% over projected 2015 spending levels**

SaaS introduces new concerns: financial & data theft opportunities

* Gartner

** Forrester


Phishing Attacks Targeting SaaS Companies

The SaaS model changes the fraudsters’ target: instead of targeting the infrastructure itself, fraudsters target users who hold access rights to data

Individual users of SaaS apps also typically do not have appropriate security controls in place to fully minimize risk

According to a recent study*, very successful phishing campaigns will capture data from 45% of their visitors

• Least successful scams only scored information from 3% of their visitors, but that still adds up!

*Engadget: “Google says the best phishing scams have a 45-percent success rate”

“Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild”, Google


SaaS Companies: The New Target

[Chart: Company A phish trend; y-axis 0 to 3500; x-axis Mar-14 to Feb-15]

[Chart: Company B phish trend; y-axis 0 to 8000; x-axis Jan-11 to Jan-15]

Once a SaaS company reaches significant market presence, there’s a risk that they become a target for phish attacks.


How Do Consumers Get Directed to Phishing Sites?

• Websites

• Paid Search

• Social Media

• Email

• Mobile Apps

Fraudsters typically leverage a multi-pronged approach, and sometimes use social engineering tactics


Tactics Leveraged to Steal Credentials


Social engineering scams

Email campaigns

Impersonating sites

Social Media – support pages

Paid Search ads

Malicious mobile apps

[Chart: Mobile Phishing by Industry. Source: Trend Micro]


Different Types of Attacks

Targeted Attack:

Specifically going after a company’s credentials

Generic Attack:

Utilizing a brand to get email credentials

Malware Attack:

Utilizing a brand to trick targets into downloading malware (email campaign attachments, mobile app downloads)


Impact of Phish Attacks Targeting SaaS / Cloud-Based Companies

[Pie chart: SaaS Company: Phish Breakdown; segment labels: Specific Phish, Malware, Generic Phish; values shown: 18%, 23%, 64%. Source: MarkMonitor]

Targeted phish attacks are higher risk than generic attacks and have a direct impact on your business revenue

All attacks will still impact brand reputation

Take action and shut down all fraudulent activities


How Fraudsters Monetize

With SaaS, once a fraudster has accessed the account, they get access to the data

Fraudsters know how to monetize different types of credentials and data

• Deepening data on the user for various types of fraud

• Broadening credential coverage to launch more campaigns

• Reselling cloud credentials

• Reselling resources

• Hijacking resources


Fraud Damages Businesses

The Impact to Business

Impacts your top and bottom lines

Damages Online Channel

• Customer distrust

• Abandoned Internet channel

• Diminished revenues and higher costs

Increases Costs

• Incident fire-fighting

• Fraud remediation

• Customer service and support

Weakens Customer Relationships

• Poor customer experience

• Eroded brand loyalty

• Customer defection to competitors


Online Fraud Lifecycle

FRAUDSTER: Setup Phishing Attack → Launch Phishing Campaign → Collect Credential & Monetize

PROTECTION: Prevention, Detect & Validate, Mitigate, Shutdown


Considerations & Best Practices


Assess Security Risks Before Moving to Cloud

Considerations

Before starting a cloud project, assess the risks you and your customers might be exposed to:

• Does your cloud product store what might be sensitive business information?

• Might your cloud product store lists of user credentials?

• Can your cloud product be resold?

Assess the potential damage of a phishing attack on your customers

Find out if your brand or product is getting phished

Check for products offering a “phishing monitoring” and/or “insurance” service


What You Should Do

1. BE PROACTIVE

Monitor and proactively protect your bank and your customers from fraudulent attacks

2. LEVERAGE TECHNOLOGIES

Ensure you have a purpose-built technology to help you prevent, detect, and mitigate fraudulent activities

3. DON’T JUST FOCUS ON THE EMAIL CHANNEL

Fraudulent attacks are taking place across multiple digital channels in different forms

• Social Media

• Email

• Websites

• Paid Search

• Mobile Apps


Educate Your Customers

Protect Your Customers from Online Scammers

Make your customers your allies in fighting fraudulent activities

Set up an inbox so that customers can easily forward any fraudulent scams

Two-factor authentication is often recommended

Provide best practices and proactively share the latest scams / tactics fraudsters are leveraging so that your customers know what they should look out for


Key Takeaways

Cloud computing is changing the way businesses operate and will continue to evolve

Fraudsters are continuously evolving their tactics, so have preventative measures in place to minimize risks

Be prepared for the worst so that at any stage of a fraud lifecycle, you have a strategy to mitigate and shut down a fraudster


Questions?


Thank You!

For information on MarkMonitor solutions, services and complimentary educational events

• Contact us via email: [email protected]

• Visit our website at: www.markmonitor.com

• Contact us via phone:

US: 1 (800) 745 9229

Europe: +44 (0) 203 206 2220