1. Homepage
  2. Equities
  3. United States
  4. Nasdaq
  5. Mimecast
  6. News
  7. Summary
    MIME   GB00BYT5JK65


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

For Cyber Monday: A Case Study in Brand Protection

10/25/2021 | 09:54am EDT
As Cyber Monday approaches, brand exploitation can disrupt holiday sales. Learn how one major retailer protects its brands from cloned websites and lookalike domain names.

Key Points:

  • Holiday shoppers are starting early and filling more of their wish lists online this year.
  • So are scammers, heightening the need for brand protection.
  • Retailer Steve Madden is ready for the challenge.

November is the new Cyber Monday. People have stretched out their online holiday shopping, buying more over a longer period of time - especially to avoid this year's supply chain shortages and delays. Unfortunately, 'tis also a longer season for cybercriminals' perennial favorites: fake websites and brand spoofing.

Eclipsing Last Year's Sales Growth

2020 set the stage for this year. Spending on Cyber Monday, the biggest day for online shopping, rose 15% over 2019. Sales spiked 21% year over year during "Cyber Week" - the five days from Thanksgiving to Cyber Monday - and 32% over the whole holiday season, to reach nearly $200 billion.[1]Retailers started offering yuletide deals as early as mid-October.

Meanwhile, on the dark side, cybercriminals were tapping into the shopping spree. One of their main exploits involved cloning retailers' websites with lookalike domain names and sending phishing emails. These kinds of ruses lure people to come and click on malware, reveal credit card numbers or buy knockoffs of a brand's products.

In 2020, 42% of companies saw an increase in web domains that impersonated their brands, and 47% reported a rise in email spoofing for the year, according to Mimecast's State of Brand Protection Report. Suffice it to say, finding and reporting spoofed websites can be costly and time-consuming.

This year, analysts are predicting another double-digit increase in holiday ecommerce.[2] And on the bright side, many retailers are now better prepared to spot the spoofers and stamp out their scams.

In Mimecast's State of Email Security 2021 report, 92% of companies were either using or planning to use a brand protection service this year. Brand protection services like Mimecast's continually scan the web, detect scam sites and report them to blocklists and third-party registrars to block or disable (aka a "takedown"). The services may also include tools like web scrapers, which immediately recognize when a cybercriminal is trying to lift brand elements and other code from a company's ecommerce site in order to create a fake site.

A Behind-the-Scenes Look at Brand Protection

Just in time for the holidays, Chief Information Security Officer Jim Taylor gave us a look inside brand protection at Steve Madden, a Mimecast customer that sells footwear, accessories and apparel worldwide under several brands on seven ecommerce sites.

This will be the first Cyber Monday that Taylor's team is using a brand protection service. Like many companies, Steve Madden didn't fully realize the number of sites spoofing its brands before starting to use the service in the middle of this year. Customers certainly couldn't tell. "The sites look perfect; they look just like Steve Madden," Taylor said.

When the retailer used to chase down fake websites itself, it detected and reported an average of two per month for takedown, Taylor said. Now with the brand protection service, that number is as much as five times higher in some months.

"The old way, we played defense only," he said. A rogue site would come to the company's attention in an ad-hoc way - for example, if a business partner happened to point it out.

"Now we're playing offense," Taylor said. For instance, "we now know right away if someone has scraped one of our sites," he said. That's when Taylor's team analyzes the situation to confirm the cloning and see whether the counterfeit site is drawing traffic. "If so, we go ahead with the takedown," he explained. The whole process can take as little as a day.

Reaping the Benefits of Brand Protection

Madden's brand protection used to be a very slow, manual function handled by the legal department, which in turn would work with an external law firm. This year, Taylor expects the company to save about $200,000 on external legal fees alone. "And our own legal team is saving time because they're out of the takedown business," he said.

Other benefits are even more important, he said, though more difficult to quantify. Before implementing brand protection, "customer satisfaction was taking a big hit, obviously, and there was some reputational damage," Taylor said. Sales were lost, too, especially when scam sites sold knockoffs.

Within Taylor's department, the brand protection function now takes up only a small fraction of one staffer's time, to handle such responsibilities as monitoring a portal for live attacks and initiating takedowns. The brand protection tool is integrated with other security tools, such as filters blocking any spoofed emails from coming into the company.

Senior management and the board have been kept in the loop about the increased vigilance and successful takedowns of scam sites. "They're very pleased," Taylor said.

Over time, the more sites Taylor's team blocks, the fewer he expects will pop up, he said. "Once the word gets out that we're aggressively taking down any fraudulent sites, the attackers will move on to another retailer that doesn't have protection in place," Taylor said.

Brand Protection in the Bigger Picture

Brand protection isn't the only concern during the holidays - the sales period that can often make or break a retailer's fiscal year. Taylor's team takes additional measures, such as ensuring that there's enough CPU to handle a surging volume of visitors on its website. In another step, he puts an informal freeze on any nonessential IT or cybersecurity changes from mid-October to mid-January to avoid disruptions. And he and his team are on high alert for other attacks, such as exploits that steal credit card information from shopping carts, or distributed denial of service (DDoS) attacks that could completely shut down any of Steve Madden's ecommerce sites.

"We treat Black Friday/Cyber Monday with extra caution and care," Taylor said. "But with cybersecurity and data privacy, it's a 24/7 job, every day."

Brand protection isn't just about Steve Madden's brand name or its bottom line either. "We want to protect the people visiting these fraudulent sites, whether they're our customers or not," Taylor said.

The Bottom Line

Call it Cyber Monday, Cyber Week or even Cyber Month. Online retailers are facing a longer, bigger holiday shopping season than ever this year, raising the bar on brand protection. Retailer Steve Madden has gotten in front of the issue and is already taking down scam websites using a brand protection service.

[1]"2020 Holiday Shopping Trends," Adobe Digital Insights

[2]"Holiday Retail Sales Expected to Increase 7-9%; E-Commerce Holiday Sales Projected to Grow 11% to 15%," Deloitte

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

Thanks forSubscribing

You will receive an email shortly

Take me back to the article please


Mimecast Limited published this content on 25 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 25 October 2021 13:53:08 UTC.

© Publicnow 2021
All news about MIMECAST
05/31EPISODE 7, SEASON 3 OF PHISHY BUSINE : The Lazarus Heist: From Phishing Emails to Half a T..
05/23MIMECAST : Permira Completes Acquisition of Mimecast - Form 8-K
05/23MIMECAST LTD : Entry into a Material Definitive Agreement, Termination of a Material Defin..
05/23Berenberg Bank Terminates Coverage on Mimecast Following the Completion of its Acquisit..
05/19Mimecast Finalizes Take-Private Sale to Permira, No Longer Trades on Public Markets
05/19Permira Completes Acquisition of Mimecast
05/19Permira completed the acquisition of Mimecast Limited.
05/19MIMECAST LIMITED(NASDAQGS : MIME) dropped from S&P Global BMI Index
05/19MIMECAST LIMITED(NASDAQGS : MIME) dropped from S&P Software & Services Select Industry Ind..
More news
Analyst Recommendations on MIMECAST
More recommendations
Duration : Period :
Mimecast Technical Analysis Chart | MarketScreener
Full-screen chart
Managers and Directors
Rafeal Edgar Brown Chief Financial & Accounting Officer
Nathaniel Borenstein Chief Scientist
John J. Walsh Senior VP-Engineering & Technical Operations
Shahriar Rafimayeri Chief Information Officer
David Raissipour Chief Technology & Product Officer