Company Overview
Based out of San Francisco, California, CaptivateIQ is a provider of Incentive Compensation Management (ICM) solutions that automate and improve the complex task of designing, processing, and reporting sales commissions. Now with around 300 employees, CaptivateIQ is leading the market in helping organizations design customized sales compensation plans. A VC-funded unicorn valued at $1.25 billion, CaptivateIQ has customers that range across hundreds of organizations in a multitude of industries and continents and include more than a third of the Forbes 2022 Cloud 100 companies. As a tech “unicorn”, CaptivateIQ needed to ensure that they protected their brand from malicious actors looking to profit off their accelerated growth.
“We were notified of a fraudulent job post, which ended up being a scheme to get victims to pay money as part of their onboarding. The perpetrator had even created a fake CaptivateIQ domain.”
CaptivateIQ, Senior Manager of Security
Challenges
Job scams, such as the one identified by CaptivateIQ, have become a growing challenge for multiple industries, especially as scammers get smarter and more creative. CaptivateIQ has seen exponential growth in size from their product development to their customers, and many hopeful job seekers were excited to be part of this monumental growth. However, attackers also noticed this trend and capitalized on it by creating spoofed CaptivateIQ domains to deceive job candidates into giving over both their personal information and funds. In an intricate scheme that involved multiple malicious actors impersonating CaptivateIQ’s recruiting and executive team, unsuspecting job seekers would be led through a fictitious job interview process and tricked into paying for job-related expenses like onboarding equipment shipping costs. While the total number of victims is unknown, the CaptivateIQ security team counted at least five duped interviewees that reached out to their organization since they began the process to take down fake CaptivateIQ content online.
“When we realized this was a sophisticated scheme that was impersonating our brand and affecting unsuspecting job seekers, we realized we needed to go on the offensive and find a tool out there that would help us. Not only just take this down but prevent it and monitor it in the long term.”
CaptivateIQ, Senior Manager of Security
Build vs. Buy
The CaptivateIQ security team ran into trouble when taking down spoofed sites as the domain registrar hosting these malicious sites simply did not respond to their repeated requests. CaptivateIQ’s security team realized they needed a vendor that already had relationships with hosting providers and could broker the takedown in an expedited manner. In addition, CaptivateIQ had limited mechanisms that allowed them to detect, with certainty, other malicious sites across the internet. While the CaptivateIQ security team has had experience building OSINT (Open-Source Intelligence) tools for detection and monitoring, their security and IT team was only 10 strong and they knew that it would take months to build these detection tools, set them up, monitor them, and integrate them with the rest of their security stack. The arduous process of building the detection and monitoring tools coupled with the lack of response from domain registrars made it a no-brainer to find a brand protection vendor that specialized in the detection and takedown of malicious sites.
“The key value is that [Bolster] has direct connections with all the vendors that we need to work with to take down bad sites. For example, we emailed one registrar and they never got back to us. When [Bolster] did it, they got back to you the next day. I mean, till this day, they still have not replied to my email. It’s been three months.”
CaptivateIQ, Senior Manager of Security
Choosing Bolster
Bolster came highly recommended from security leadership at a peer organization and CaptivateIQ’s security team had a seamless experience from demo to POC to deployment. During POC, Bolster was able to not only detect an active site spoofing CaptivateIQ but also take down the spoofed domain within 24 hours. The successful POC was enough to convince CaptivateIQ that Bolster was the right choice for them in protecting against current and potential future job scams. CaptivateIQ immediately saw the value of leveraging Bolster’s existing relationships to address their challenges. In the first week of deployment, CaptivateIQ was able to detect and take down two additional malicious domains spoofing their brand and monitor for any resurgence of fraudulent activity.
“It was an easy standup. We sent over the brand in terms of the name and logo. Then we started to see the results from Bolster’s search come in. And then we saw that one fraudulent domain and that was taken down pretty swiftly. That contributed to our decision to ultimately select [Bolster] as our tool of choice.”
CaptivateIQ, Senior Manager of Security
Benefits
Since deploying Bolster, CaptivateIQ has been able to continuously monitor both the open web and social media platforms for any potential job scams impersonating their brand. CaptivateIQ can now easily automate the takedown of spoofed sites without involving their legal team or having to devote manual hours to using OSINT tools to find active fraud or suspicious activity online. Being able to accurately detect potential malicious sites and take them down in an automated fashion has been essential to CaptivateIQ’s requirement for fast and accurate remediation. Beyond social and web takedowns, CaptivateIQ has also helped prevent many unsuspecting job seekers from falling victim to, and experiencing the future financial loss associated with, these types of fake job scams. In taking the offensive with scammers, CaptivateIQ is setting an example of how to practice proactive security for the broader tech community.
Looking Ahead
CaptivateIQ has already leveraged many aspects of Bolster’s social media protection but is looking to expand coverage to fake job listings and other avenues for potential scams across social media sites. Bolster’s ability to offer a consistent detection and takedown experience across multiple channels, whether the open web, social media, app stores, or even the dark web, has been a highly attractive differentiator. As this tech unicorn continues in its meteoric rise, they will also continue to expand in both use cases and channels to protect against potential and growing fraud. Bolster is proud to be a strategic partner to CaptivateIQ in the journey to make the internet a safer place.
“Even if you feel like you’re a company that’s not in a highly targeted space like the financial industry, you still can be affected by attacks. [Working with Bolster] has been a great experience and it’s especially important for us to help others out there.”
CaptivateIQ, Senior Manager of Security