Discovering that your own systems are being abused to conduct attacks against other organisations can have a damaging effect on your reputation if not handled quickly and effectively. While monitoring your own systems for signs of malicious activity is a necessary step to deal with today’s ever-changing threat landscape, when it comes to protecting your brand and domain names some of the most useful information can exist outside of your organisation, which requires an ongoing process to keep up to date with possible domain abuse activity.
Commissum’s domain abuse monitoring service simplifies this process by constantly checking if your domains have been involved in malicious activity, such as phishing attacks or propagating malware, and monitoring new domain registrations for indications of possible brand hijacking. We sift through multiple threat intelligence sources such as blacklists and abuse notification forums to determine if your domains are associated with current security threats, and monitor information on active phishing campaigns and domain registrations.
Our Approach
If your domains are found to be associated with malicious activity we can alert you in accordance with your own requirements, whether that is immediately on abuse being detected or as part of a regular reporting cycle. Our expert incident response consultants are also on hand to assist you with recovering from any potentially damaging situation.
To detect possible brand hijacking, we monitor whether any new domains are registered that are similar to your organisation’s already existing domains, and can provide recommendations on which domains it might be advisable to reserve to prevent cyber-squatting or brand abuse.
The Commissum domain abuse monitoring service is also compliant with Specification 11.3(b) for domain registry operators, which allows you to demonstrate that you are conducting the required technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets.