Stop force and fraud attacks targeting website forms and customer logins with threat intelligence from Deteque. Check who is trying to access your network with Web Query Service.Get started
Blocks fake and fraudulent sign ups
Automated protection for a better user experience
Simple API integration
Online forms are needed for all types of organisation and once successfully accessed, customer accounts are a valuable source of data and an opportunity for fraud. Access credentials are also a valuable black market asset in their own right. Financial services, healthcare are particularly targeted because of the potential to commit fraud and hold data to ransom.
Cyber criminals use two main techniques:
Once the API is integrated with your webpage, that’s it. The threat intelligence behind the API is continuously updated so you can block these malicious attempts automatically.
Customers and subscribers want a seamless and easy online experience. Technologies to check if a human is actually trying to access a form interfere with the customer experience and are a target for spoofing themselves. For those accessing healthcare portals on a regular basis such as the elderly or vision impaired, these tools can be more than irritating but a barrier to the services they are trying to access.
WQS is based on the number of customers/subscribers you declare and that’s it. You know in advance what your costs will be and for most orqanisations it will be less than a $1 per user per year, regardless of how many times a user accesses a form or how many malicious attempts are made on your forms.
Web Query Service (WQS) uses threat intelligence gathered from Deteque’s global network of security researchers, delivered via an API, so you can blocks malicious attempts using force and fraud to access online forms, sign-ups, customer portals…anywhere with a customer/user access point via a website.
WQS works at the ‘submit’ stage of a form fill. Before a submission is ‘accepted’ the IP of the submitter is checked via the API against Deteque’s databases.
Key factors to block include
Any organisation (commercial, public body) using online forms, contact pages and sign-ups can easily add an automated layer of protection with WQS to block attackers known to use force & fraud to gain access to customer/subscriber accounts. WQS complements existing form protection techniques with the advantage of being automated.
Deteque utilises data from Spamhaus, which is collected across the internet globally, from trusted third parties including hosting companies, enterprises, business & ISPs. We have 20 year track record of being a trusted third party and so our data is not just received from a narrow group of providers.
For Deteque, Spamhaus subscribers share their data with us to enable us to build the widest possible picture of the threat landscape (and so that the products they receive from Spamhaus have the greatest value) Our research team consolidates the data onto dedicated Deteque servers making it available via the API.
WQS acts as an additional, automated filter to block specific threats and can be used to block other low reputation IPs/Domains. Because it is automated and always on, threats are blocked allowing IT security teams to work on other tasks.
Data received via the API contains no Personally Identifiable Information (PII) - it’s just an IP address or Domain - so that there is no compromise of organizational, customer or employee data. All data is transported to Deteque with encryption in place. For reporting purposes for a user, Deteque stores just the fact that a query was made and when, and whether it was listed. This ensures that privacy is maintained throughout the system.
There’s a 30 day free trial for Deteque subscribers.