Mimecast's 5 Steps To Stop Brand Impersonation – Top Business Tech

Mimecast’s 5 steps to stop brand impersonation

, Cyber Security, Mimecast's 5 steps to stop brand impersonation

Top Business Tech takes a closer look at Mimecast’s The State of Brand Protection 2021 and its key steps to mitigating against brand impersonation.

Mimecast’s The State of Brand Protection 2021 outlines a five-point strategy to assist marketing and security teams in collaborating to develop a brand safety strategy that can meet evolving threats head-on:

1. Bridge the marketing and IT security Siloes

Mimecast shared the story of one interviewee who said: “I only had a suspicion, but it turns out there’s a lot more than we would have ever anticipated — we take down an average of about 10 or 11 fraudulent sites every month, usually within 48 hours of notification.” After this, the interviewee reported that his marketing colleagues then became active partners in combatting impersonation. 

, , ESET

2. Use proof of concepts (PoCs) to extend brand protection awareness to all stakeholders 

The second point that Mimecast outlines is the need to ensure that the entire organisation educates themselves on the problem through proof of concept. By explaining DMARC in a more simplified manner, instead of relaying its technical complexities, the idea of threat is understandable to a much wider audience, especially that of the c-suite.

3. Use third-party brand protection services

Though many companies have security divisions to mitigate against impersonation, the threats are often fast-moving and hard to track. Given this, Mimecast advises the implementation of a third-party service to protect a brand. Automated services can detect malicious activity in a matter of seconds, as opposed to a manual, in house team, which will take several weeks or months to see a threat.

4. Enforce DMARC

According to Mimecast, Less than a third of SOES 2021 respondents use the DMARC email authentication protocol to stop bad actors from delivering harmful emails that appear to come from their brand’s domain. SMARC requires monitoring, strategic analysis and planning to roll out, which is why Mimecast suggests three phases to its deployment:

1. Monitor: discover the source of the impersonating emails; 

2. Analysis: security and marketing teams need to work together to identify illegitimate senders and by setting their DMARC policy to “quarantine” suspicious emails by sending suspicious emails into the recipient’s spam folder.

3. rejection Implementation of a reject policy that will prohibit emails sent from unauthorised senders using the brand’s domain.


5. Be transparent with customers

As this is an issue that is not likely to go away anytime soon, customers must be educated on the threats that a company faces and the improvements it undertakes. A prime example is the US Internal Revenue Service (IRS), which continuously informing citizens that it will never call to request personal information.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter