Brand-Abuse

This analytic identifies emails claiming to originate from domains similar to those being monitored for abuse by cross-referencing sender addresses with a lookup table of domain permutations, indicating potential phishing or brand impersonation.

This analytic identifies web requests to domains that closely resemble a monitored brand's domain, indicating potential brand abuse indicative of phishing or malware distribution attempts.