Threat Intelligence Blog

Posted July 1, 2014

The following is an excerpt from our new guide, 10 Steps for Protecting Executives from Risks Using Cyber Threat Intelligence.

As the lines between digital and physical threats progressively blur, forward-thinking executive protection professionals are increasingly recognizing the value of using digital threat intelligence to identify, analyze, and manage threat information. So, what can security professionals do to better defend the executives and employees they’re entrusted to protect? Here are 10 steps:

  1. Review the executive’s Internet footprint and understand what is available for attackers to exploit. Is too much information being revealed on business and social networking sites, blogging platforms, photo sharing, people finders, shopping, or geo-check-in services?
  2. Understand that some information (taxes, political donations, public records, etc.) is always available. Take steps to reduce risk by using PO boxes for addresses for political donations, for example.
  3. Claim social media real estate. Register social media accounts that might be claimed by imposters or hacktivists to be used for harmful purposes, and lock down all privacy settings to reduce the information that can be found online via search engines. Register and monitor domain names with the executive’s name and those of any family members who may be targeted. Limit use of geo-location “check in” services, such as those now offered by Facebook or other platforms.
  4. Google suspicious messages to see if they are a reported scam (this also works for phone and text scams). Often, someone else will have received the same suspicious message and post the text of it online.
  5. Right click on any email message to view the mail headers and look for suspicious routing. Be aware that anyone can pretend to be anyone on the Internet – whether it’s a web site address, email account, Facebook message, or text message, almost any proxy for a real person can be faked, spoofed, or hijacked.
  6. Use the “mouse over” test on all links in emails and web pages. If the destination shown in a URL doesn’t match a legitimate website, it’s a danger sign. When in doubt, go directly to the official or legitimate website to enter in account information or search for the document that’s being offered for download, for example.
  7. Ask questions. A healthy dose of caution and awareness of attack techniques is your best first line of defense. If a message is asking you to do something suspicious, confidential, or risky, verify the identity of the person sending the message and communicate with them by alternate means, if possible.
  8. Look for suspicious indicators. If something that doesn’t seem right, proceed with extreme caution:
    • Assume any package or message from an unknown contact is potentially harmful
    • Watch for overly generic wording, grammatical errors and spelling mistakes in communications
    • Look for misaligned request/reward ratios: if an offer sounds too good to be true, it usually is
    • Remember that websites and email addresses can be spoofed and used against targets
    • When in doubt, verify that email or other communication is legitimate by calling or contacting the sender through other means, and never give out confidential information over the phone without validating the identity of the caller
  9. Take full advantage of free online resources:
  10. Keep up with the latest information on these kinds of cyber-attacks by signing up for news alerts or RSS feeds on terms like “spear phishing” and “social engineering” from security vendors and official media websites.


For more information, read our full guide on Protecting Executives from Risks Using Cyber Threat Intelligence.

Additional Posts

What Tools Can You Use to Proactively Protect Your Trademarks as New gTLDs Launch?

We get a lot of questions about how the Trademark Clearinghouse can help brand managers and legal ...

Recent Data Breaches, Targeted Attacks Show Two Sides of Phishing

Hardly a day passes without an announcement of yet another data breach or targeted attack. P. F. ...