Users are increasingly turning to online resources to shop, bank, and perform other financial transactions. Many customers of organizations, such as financial institutions, use online portals provided by the organizations to interact with the organizations. These portals include online websites, applications such as applications for mobile devices, e-mail addresses which send account information to users, and the like.
Where a customer has a trusting relationship with an organization, such as with their financial institution, the customer may make e-mails, websites, or applications purporting to be from their financial institution to be trustworthy and of high priority to the customer. With respect to some institutions and organizations, such as financial institutions, customers may be likely to follow the instructions in the content, as the customer has a strong interest in their finances and the fiduciary relationship between a customer and their financial institution is one of trust.
Malicious individuals and organizations have sought to prey on limited customer technical savviness and the trust between a customer and a reputable organization with which the customer interacts. A common technique is the deployment of websites, electronic mail, or mobile applications designed to appear as though they are from a legitimate source. These so-called “phishing” resources may appear on the surface to be a legitimate website. In some cases, they may have the same “look-and-feel” as a well-known website, such as a banking or retail website. However, when a user types in personal identification information, the information is routed to a malicious entity for various illicit or nefarious purposes, such as improper and unauthorized withdrawal of funds from an account.
Customers of institutions may be victims of such “phishing,” which may erode the customer's trust with the organization. To prevent “phishing,” institutions may employ a threat assessment team who review security threats and assist in issuing security alerts to minimize exposure and raise awareness of potentially malicious hardware, software, or the like.
Malicious organizations and individuals entities frequently deploy nefarious hardware, software, and the like at multiple physical sites and/or create multiple identifiers (e.g. Uniform Resource Identifiers (URIs), Uniform Resource Locators (URLs), domain names, IP addresses, e-mail addresses, or the like). Once exposed via detection and issuance of a security alert, the malicious actors may be forced to discard or abandon the hardware and software resources at one or more physical or virtual locations.