BrandShield is an online threat hunting company used by major companies like New Balance and LEVI's, that specializes in monitoring, detection and removal of online threats such as phishing attempts, executive impersonation, counterfeit products, trademark infringements and more.
BrandShield was established to revolutionize the way companies can protect their digital assets outside their security perimeter.
We sat down with Yoav Keren, the CEO of BrandShield and former IDF official to discuss how the company differentiates from other solutions on the market and the biggest online threats they are seeing to end-users and companies.
Tell me about BrandShield. What is the company's mission?
BrandShield is a leading cybersecurity company founded by a team of world-class intelligence and security experts with decades of experience to protect brands from external cyber threats and cybercriminals and provides solutions from brand protection to online threat hunting. Our AI+ML platform identifies, tracks, and eliminates external online threats - threats that fall outside of the reach of CISOs and company firewalls. We work with the world’s leading companies, including VISA, Bristol Myers Squibb, Levi’s, New Balance, Swisscom, and many others. Our mission is to protect the world against dangerous online threats and take down bad actors who are intent on causing harm.
How do you differentiate from other solutions in the market?
Our solutions are better than our competitors in three key areas: scope of protection, speed, and accuracy.
Scope: We specialize in monitoring, detecting, and removing online threats such as phishing attempts, executive impersonation, counterfeit products, trademark infringements, and more. We also monitor a variety of different platforms including websites, social media platforms, e-commerce marketplaces, and mobile apps. Unlike others in this sector, we not only identify and track threats, but we remove them as well.
Speed: We mainly rely on AI/ML while others are dependent on human capital. This means we can identify and track threats instantaneously and remove threats within hours. This not only increases the protection offered to brands, but reduces the workload of security, technology and IP employees.
Accuracy: Another advantage of our approach is that we can achieve greater accuracy as the size of our network grows. Our technology analyzes millions of pages and is able to detect and identify the most crucial online external threats to the organization out of those millions of web-pages. We then are able to achieve a rate of 97% in taking down these threats, which is much more significant than any other solution on the market.
What are the biggest threats you are seeing to end-users and to companies?
The biggest threats we see to end-users and companies remain phishing, executive impersonation (whale phishing) and look-a-like pages and accounts.
Phishing: The creation of fraudulent social media and websites to attempt phishing attacks is rampant. The main goal of external phishing is to steal company credentials to gain access to brand networks, and install malware or steal company secrets.
Executive Impersonation (whale phishing): Cybercriminals impersonate executives to pose as vendors and extract large payments through the company’s finance teams. This can cost a company millions of dollars.
Lookalike Sites: Bad actors create websites that have the same exact, or almost exact, domain name as a well-known brand, except for a change from “.com” to “.net”, or another top-level domain variation. Consumers end up on these websites without realizing they are not on the brand’s official site. These fake websites try to steal users’ credentials or sell counterfeit products that can harm end-users and the reputation of the brand.
Tell us about executive impersonation. Is this a new threat? What's the danger?
Executive impersonation is not a new threat, but it is undoubtedly growing. COVID-19 moved many companies into remote working situations, which has increased the potential for this crime due to a couple of crucial factors. First, companies rely more on internet communications to carry out day-to-day operations, which provides more opportunities for cybercriminals. Second, many financial teams are not in the same building as CEOs and other executives, cutting down on in-person communication and removing another check against these threats.
The impact of this crime can be severe. Cybercriminals impersonating executives can direct employees to send payments to fake vendors who could potentially cost a company millions of dollars through one attack. Additionally, should cyber criminals gain access to executives’ credentials, they could extract sensitive data from a company, whether it be intellectual property and financial information. Even before the rise of social media, the vast majority - 98 percent - of phishing attacks involved social engineering. Social media and its worldwide popularity raised the executive impersonation hazard to an entirely new level. Cybercriminals are utilizing platform features and basic customer trust to commit online fraud in increasingly more sophisticated and creative ways.