Where Domain Security Meets the Supply Chain Crunch

Where Domain Security Meets the Supply Chain Crunch

Over the last two years, we’ve all faced supply shortages on items we previously never thought could be in short supply. Most recently, the baby formula and semiconductor markets were hit. Before that, supply chain attacks on Colonial Pipeline and JBS Foods showed us that an attack on one company through a singular point of compromise has the potential to disrupt an entire network of connected companies, products, partners, vendors, and customers.

CSC knows that as global and societal events such as supply chain shortages occur, there’s a corresponding increase in fraud related to fake domain registrations (websites) that capitalize on the event—creating unsafe situations for consumers. CSC has conducted new research that shows risk increases for companies and consumers experiencing supply chain shortages.

>> Download the research paper to see the full results.

CSC’s research team assessed the security of branded web domains within the baby formula and semiconductor markets looking for fake domains and fraudulent activity between 2021 and May 2022. A significant number of the assessed domains show features of being registered for fraudulent use, including MX records, domain privacy features, and redacted WHOIS information.

To enhance your security posture, review CSC’s recommendations for how to maintain good security hygiene and protect your brand from online abuse and fraud:

1. Adopt a defense-in-depth approach for domain management and security

  • Eliminate your third-party risk by assessing your domain registrar’s security, technology, and processes along with your domain name system (DNS) management provider
  • Secure vital domain names, DNS, and digital certificates through:
    • Implementing two-factor authentication
    • Regulating permissions—both normal and elevated—and watching for any changes, as well as adding an authorized contact policy
    • Monitoring DNS activity and deploying distributed denial of service (DDoS) protection
    • Using security measures like domain registry locks, DNS security extensions (DNSSEC), domain-based message authentication reporting and conformance (DMARC), certificate authority authorization (CAA) records, and redundancy on DNS hosting

2. Continuously monitor the domain space and key digital channels like marketplaces, apps, social media, and email for brand abuse, infringements, phishing, and fraud

  • Identify domain and DNS spoofing tactics, such as homoglyphs (fuzzy matches and international domain names), cousin domains, keyword match, and homophones
  • Register domains that could be high-value targets related to your brands (i.e., homoglyphs, or country domains) to mitigate the risk of bad actors using them
  • Identify trademark and copyright abuse on web content, online marketplaces, social media, and apps

3. Leverage global enforcement, including takedowns and advanced techniques in internet blocking

  • Use phishing monitoring and a fraud-blocking network of browsers, partners, internet service providers (ISPs), security information, and event management (SIEM) systems
  • Use a combination of actions to enforce on IP infringements and fraud:
    • Primary enforcement actions include marketplace delistings, social media page suspensions, mobile app delistings, cease and desist letters, fraudulent content removal, and complete threat vector mitigation
    • Secondary enforcement actions include registrar-level domain suspensions, invalid WHOIS domain suspensions, and fraud alerting
    • Tertiary enforcement actions include Uniform Domain Name Dispute-Resolution Policy and Uniform Rapid Suspension procedures, domain acquisitions, in-depth investigations, and test purchasing
  • Use a range of technical and legal approaches for enforcement, selecting the most appropriate approach case by case

4. Confirm that your domain registrar’s business practices are not contributing to fraud and brand abuse

  • The following issues are often common with consumer-grade domain registrars:
    • Operating domain marketplaces that drop catch, auction, and sell domain names containing trademarks to the highest bidder
    • Domain name spinning and advocating the registration of domain names containing trademarks
    • Monetizing domain names containing trademarks with pay-per-click sites
    • Frequently occurring breaches resulting in DNS attacks, phishing, and business email compromise