To create loyalty, companies rely on a great variety of different measures. One prominent and important tool is effective communication through e-mail and social media. Companies need to generate a steady stream of content to keep customers engaged. And of course, every post should add value for the customer. If it fails to be useful, exciting or interesting, information is simply dismissed as advertising. But if you want to build a positive customer relationship, advertising alone won’t do. What it takes is entertainment. A happy customer is one thing, a loyal customer, on the other hand, is one who won’t turn to another company even when their product may be on par with yours. Creating this kind of relationship typically takes a lot of strategy and teamwork.
When criminals hack their way into corporate accounts and end the bond that took so long to build, the damage can be devastating. Customers expect their data to be protected. If they lose confidence in your ability to do that, they will turn away. Phishing and other scams have been on the up in recent years. According to a 2018 Statista study, 30% of Germans had fallen victim to identity theft.
While firewalls, antivirus software and password protection are all a given in most companies today, efforts to protect the brand image against digital threats are still relatively small. All the same, digital brand protection should really be an integral part of any company’s digital strategy, just like the protection of corporate networks and virtual infrastructures against hackers, malware and virus attacks. Companies spend big money on the latter, but relatively little on safeguards against imitation or the development of a contingency plan.
Digital brand protection encompasses all the steps a company takes to prevent criminals from appropriating its brand, to protect its intellectual property, and to nip attacks against its name and image in the bud. If a company fails to build sufficient defences, the repercussions of a cyberattack can be catastrophic.
The case of an automotive components supplier stands as a cautionary tale of CEO fraud, in which the company’s CFO wired an eight-digit sum to a fraudulent account in response to an e-mail forged to look like a genuine payment order to the parent organisation. The resulting negative PR, the attack itself, and the efforts to contain the damage all added up to a loss of trust on the part of the customers and long-term financial losses.
Account impersonation is also a thing on social networks, where customers are led to click on links that download malware, or indeed enter their personal information directly. A perceived chance to win prizes is all it takes. Attackers can then easily monetise the sensitive information they have obtained, which may even include the credentials for user or bank accounts. It goes without saying that the trust a victim had in the company takes a hit that won’t easily heal. 42% of people who have experienced a phishing attack change their preferred brand in the aftermath. Customer loyalty takes a nosedive while budget spent to manage the crisis goes through the roof and the attack can leave a permanent mark on the books.
In order to prevent impersonation or at the very least be able to react quickly when it happens, your safeguards must be locked and loaded at all times. This means your employees must be aware of the tell-tale signs and harbingers of a cyberattack, and the potential consequences of a successful breach, too. It is important that a campaign to raise awareness reaches every one of them and allows no exceptions. That little branch office abroad can be the gateway for an attack that targets your entire organisation. Consistent monitoring is also imperative to quickly detect attempted fraud and stop it dead in its tracks before any significant damage can occur, or worse yet, you learn about it from affected customers. It’s always better to act than to react, but if the damage has been done, it is important to be able to contain it and restore your customers’ trust.
The good news is that modern technology is available to support an aggressive strategy to prevent misuse of your domain, your e-mail communications, and your brand itself. It can shut down any suspicious activity to get your business out of harm’s way. For instance, cloned website detection can help you prevent a phishing campaign even when it is run from a forged copy of your website that resides in a different domain. Domain-Based Message Authentication (DMARC) shrinks the risk of fraudulent e-mail communication, and DNS Certification Authority Authorization (CAA) ensures that cybercriminals can’t obtain unauthorised digital certificates. Both DMARC and CAA have an integrated feedback mechanism to alert domain owners of attempted phishing and impersonation attacks. And should worst come to worst after all, well-prepared and comprehensive crisis management is key to coming out unscathed.
1. Communicate the incident to your customers as soon as possible.
A capable partner can be invaluable when you build your cyber defences. Bechtle is your first choice for expert consultation and support in (re-)design, planning, implementation, operation and review. Extensive vulnerability management helps you identify areas where you have to take action.
One of the most important elements in a prevention strategy is employee awareness. But how can your employees learn how to identify scams early on and shut the digital door on cybercriminals?