Description
Please create a stage 0 deck PPT for Social Media Monitoring, by Accenture. -About the service-Service benefit as a client – WHY does the client need this
Unformatted Attachment Preview
LOOKBACK REPORT ONBOARDING FORM
SOCIAL MEDIA REVIEW ADDENDUM
Company name
ACTI CONTACT DETAILS
Name
Position /title
Email
CLIENT CONTACT DETAILS
Melissa Godbold
Name
Recon Team lead
Position /title
[email protected] Email
CORPORATE SOCIAL MEDIA
ACCOUNTS
HOW TO FILL THIS FIELD
Company Name/Social Media
Please provide
company/subsidiary names and
URLs for official social media
accounts for Company (ex.
LinkedIn, Twitter, Instagram,
business Facebook profiles etc)
CLIENT DETAILS
Ex: Company A –
[email protected]
C-SUITE/VIP SOCIAL MEDIA
ACCOUNTS
HOW TO FILL THIS FIELD
VIP Name/Title/Social Media Account
Please provide VIP/C-Suite full
name (first, middle, last), Current
Company Title, and URLs for
known social media accounts per
C-Suite/VIP (ex., LinkedIn, Twitter,
Instagram)
CLIENT DETAILS
Ex: George Washington –
[email protected]
*NB providing this information allows analysts to deduplicate and assist in identfying only malicious
profiles or accounts that could cause security concerns for your organization.
1 ARGOS™ SOCIAL MEDIAL IMPERSONATION
MODULE
The Social Media Impersonation module continuously monitors popular social media
platforms to identify fraudulent accounts that impersonate brands, organizations, and other
registered trademarks, such as product names, as well as executives and important
individuals.
The following social media platforms are covered:
•
•
•
•
Instagram
Facebook
Twitter (*coming up)
LinkedIn (*coming up)
To make use of the Social Media Impersonation Module, customers simply enter a list of
keywords to monitor in the profile names and bios of major social platforms. The keywords
can include multiple words (as in the given name and surname of a senior executive), and can
represent either names of executives or of company names.
Figure 1 – Social Medial impersonation detection module
1.1 BRAND IMPERSONATION
Threat actors impersonate trusted brands on social media for a variety of reasons. The
purpose may be to drive traffic to a phishing site, where unsuspecting users are subsequently
fooled into giving up credentials and other sensitive data. The goal may be to pass off
trojanized applications or counterfeit goods as legitimate. Or, in some cases, the objective
may simply be brand abuse, impersonating an established brand in order to degrade its value.
The Cyberint Argos platform’s Social Media Impersonation Module monitors for
impersonation of organizations, brands, products, and other registered trademarks. Customers
can manually set all of the keywords they would like to monitor for upon deploying this
module.
1.2 EXECUTIVE IMPERSONATION
In addition to impersonating brands, attackers often impersonate executives within major
organizations, such as the CEO, CFO, CISO, or other senior management personnel. In some
cases, the attackers impersonate executives in order to have fraudulent invoices paid,
effectively stealing money directly from the organization. In other cases, threat actors
impersonate executives to recruit legitimate candidates for fake jobs, eventually sharing
malware-infected files with the victims to compromise their machines and environments.
The Cyberint Argos platform’s Social Media Impersonation Module monitors for
impersonation of executives across major social media platforms, simply using the first and
last names of the executives whom the customer would like to safeguard against
impersonation.
1.3 ALERTING AND REMEDIATION
When a suspicious profile is detected, it is added to the Social Media Impersonation Module
dashboard for review. If the account is, in fact, authentic, it can be marked as such from the
dashboard. Similarly, innocuous profiles can be marked as irrelevant. The profiles that
represent real threats are marked as Suspicious and/or converted into an Alert.
Once a social media profile has been converted into an Alert, it will then appear under the
Alerts screen and additional actions can be taken. This includes takedown requests, which can
be made within the Argos platform with a few clicks. Cyberint’s dedicated takedown team
handles takedowns across all social media platforms in scope for monitoring.
2 REMEDIATION AND TAKE DOWNS
Upon detection of a malicious content site, Argos™ can initiate a take-down process which
involves, as necessary, notification to the relevant providers to remove the misleading content,
block domains, and update public blacklists.
Cyberint handles hundreds of take down requests per week from various customers and can
influence the different providers to act quickly. Upon receiving the request for the removal of
Illegitimate content that is infringing the customers’ trademark, and/or used for malicious
purposes, Cyberint takes action immediately. Cyberint supports the following takedowns:
✓ Phishing sites
✓ Impersonating social media accounts
✓ Mobile Application in official and non-official stores
✓ Source code in code repositories
✓ Files in Anti-Virus engines
✓ Data leaks in some file sharing sites
The takedown request is initiated via Argos alert section and the “Takedown request” screen
allows customers to monitor the progress as presented in the picture below:
Figure 2 – Argos Takedown request status page
Malicious actors are continuously searching for weaknesses within the company’s
infrastructure. Without adequate vigilance, organizations face risks such as brand
impersonation, phishing attacks, scams, and data breaches, all of which can originate from
social media platforms.
Ineffectively managed, these threats can tarnish a brand’s reputation, compromise sensitive
information, and disrupt operations.
Incorporating social media monitoring into your cybersecurity practices can significantly
improve your organization’s resilience against cyber attacks and enhance its overall security
posture
threat actors use social media to impersonate brands and executives. This can lead users to
fall into phishing scams or unknowingly interacting with harmful content. It can also harm the
reputation of established brands and lead to financial fraud.
This situation can have a serious impact on businesses. It can erode trust in their brand and
potentially lead to financial losses due to fraud or decreased customer confidence. It’s crucial
for businesses to have a way to detect and address these impersonation attempts swiftly and
effectively.
Accenture CI platform’s Social Media Impersonation Module comes in. Our CI team actively
monitors for instances of brand, organization, product, and trademark impersonation. Clients
can tailor the monitoring by manually selecting specific keywords they want to track. This
way, businesses can proactively protect their brand and executives from potential
impersonation threats.
an early warning system for identifying and addressing emerging threats, managing brand reputation,
detecting insider risks, and ensuring regulatory compliance. By integrating social media monitoring into their
cybersecurity strategies, organizations can proactively safeguard their digital presence, bolster their
response capabilities, and ultimately mitigate potential cyber threats.
Upon detection of a malicious content site, Argos™ can initiate a Takedown process that
involves, as necessary, notification to the relevant providers to remove the misleading
content, block domains, and update public blacklists.
Cyberint handles hundreds of takedown requests on a weekly basis from various customers
and can influence the different providers to act quickly. Upon receiving the request for the
removal of Illegitimate content that is infringing the customers’ trademark and/or used for
malicious purposes
Relevant for clients who want to protect themselves from brand reputation issues.
Relevant for clients who suffer from sites that abuse their brand.
Relevant for clients with mobile apps who want to protect their brand and clients.
Relevant to clients complaining about phishing attacks or who are worried about brand
abusing websites
Relevant to clients who suffer from phishing website attacks.
Relevant to clients who want to reduce the impact of cloned websites on their business and
brand.
Relevant to clients who have phishing attacks with more complex techniques.
CYBER THREAT
INTELLIGENCE (CTI)
SERVICE OFFERINGS
iDefense’s mission is to provide actionable intelligence and
relevant decision support to detect, analyze and mitigate
threats before attacks impact the business.
IntelGraph (IG) Subscription
IG Portal: Visualization, alerts &
reports of malicious events, threat
actors and threat groups. Clients
have 24/7 access to all iDefense
intelligence reporting via easy
to use UI for investigations.
RESTful API: IG Indicators of
Compromise or vulnerability data that
can feeds into a Security Information
and Event Management (SIEM),
providing clients with actionable
intelligence used to secure
networks and alert attacks and
prioritize patching.
Request for Intelligence (RFI):
Intelligence reporting on critical
incidents that could impact
business decisions. Clients gain
insight into iDefense
assessments and
recommendations to reduce
threats to their business.
Security Analyst as a Service
(SAaaS)
Threat Assessment
(TA)
Malware Analyst as a Service
(MAaaS)
Direct access to an expert analyst
or team who are embedded
onsite to uplift and operationalize
CTI capabilities and build CTI
roadmaps.
Detailed reporting on company- and
industry-specific cyber threats.
Automated or expert manual
malware analysis or reverse
engineering.
TAs help organization understand
their overall threat exposure and
impact to its operational continuity.
With SAaaS clients can leverage
CTI to make strategic decisions
and establish a cyber-resilient
business.
Copyright © 2020 Accenture All rights reserved.
Provides clients with detailed
understanding of the malware
they have discovered, its
effects on their systems and
potential remediation.
Purchase answer to see full
attachment