Retail / loyalty
Cluster takedown for a phishing wave targeting loyalty accounts
Registrar-aligned suspensions plus marketplace cross-links for scam SKUs promoted on the same landing pages.
Hosts in cluster: 120+
Median host uptime: −71%
Support ticket spike resolved: 18 days
Challenge
Dozens of hosts rotated through a small set of registrars with templated WHOIS privacy. Customer support was overwhelmed before security could centralize IOCs.
Approach
Graph clustering on TLS SANs and shared analytics IDs, parallel abuse filings, and synchronized customer comms templates approved by legal.
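A sketch of the clustering step described above, as an added example that is not code from this engagement: hosts become graph nodes, and any two hosts sharing a certificate SAN or an analytics ID are merged with union-find. The host names, analytics IDs, the `cluster_hosts` function, and the `max_fanout` and `ignore` parameters are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample observations (hypothetical hosts, SANs and analytics IDs).
OBSERVATIONS = [
    {"host": "rewards-login.example", "sans": {"rewards-login.example", "pts-verify.example"}, "analytics": {"UA-000001-1"}},
    {"host": "pts-verify.example", "sans": {"pts-verify.example"}, "analytics": {"UA-000002-1"}},
    {"host": "bonus-claim.example", "sans": {"bonus-claim.example"}, "analytics": {"UA-000002-1"}},
    {"host": "unrelated-shop.example", "sans": {"unrelated-shop.example"}, "analytics": {"UA-999999-1"}},
    {"host": "cdn-hosted.example", "sans": {"cdn-hosted.example", "shared.cdn.example"}, "analytics": set()},
    {"host": "other-tenant.example", "sans": {"other-tenant.example", "shared.cdn.example"}, "analytics": set()},
]

def cluster_hosts(observations, max_fanout=50, ignore=frozenset()):
    """Union hosts that share a SAN or analytics ID; return clusters of 2+ hosts."""
    parent = {o["host"]: o["host"] for o in observations}

    def find(x):
        # Walk to the root, halving the path as we go.
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    # Index every feature value to the hosts that exhibit it.
    by_feature = defaultdict(list)
    for o in observations:
        for san in o["sans"]:
            by_feature[("san", san.lower())].append(o["host"])
        for aid in o["analytics"]:
            by_feature[("analytics", aid)].append(o["host"])

    for (_, value), hosts in by_feature.items():
        # Multi-tenant CDN certificates and very common IDs would glue
        # unrelated sites together, so skip allow-listed or high-fanout features.
        if value in ignore or len(hosts) > max_fanout:
            continue
        for h in hosts[1:]:
            parent[find(h)] = find(hosts[0])

    clusters = defaultdict(set)
    for h in parent:
        clusters[find(h)].add(h)
    return sorted((sorted(c) for c in clusters.values() if len(c) > 1),
                  key=lambda c: (-len(c), c))

if __name__ == "__main__":
    print(cluster_hosts(OBSERVATIONS, ignore={"shared.cdn.example"}))
```

Without the `ignore` entry, the two hosts behind the shared CDN certificate are reported as a second cluster, which is the false-positive case to review before filing abuse reports.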
Outcome
Median host lifetime dropped sharply; scam listings tied to the cluster were removed in the same enforcement window where platform policy allowed cross-reference.