You’ve seen them if you have an email inbox. Emails disguised as mail from a well-known brand, but are a “spoof” or a copycat of an email from that company.
These brand phishing attacks frequently involve the delivery of a branded email or text message containing a link. When you click the link, you are taken to a webpage or login portal that appears to be legitimate but is just a forgery of the real one. It may even have a URL or web address that is similar to the real thing.
A form on a fake website is frequently used to steal user login credentials, payment information, or other personal information.
And we now know which brand names are most frequently used (and abused) to target individuals.
Here are the ten most likely brand names to be spoofed and appear in your inbox or that of your employees:
Microsoft (related to 19% of all brand phishing attempts globally)
When you consider the cyber threat landscape, Microsoft’s position at the top makes sense. Many attacks start when hackers gain access to a legitimate corporate email account.
Spoofed end-users are directed by Microsoft emails to realistic-looking (but hacker-controlled) log-in pages, which can trick them into entering their username and password.
And from there, cybercriminals are on their way to achieving their goals within an organisation, whatever they may be.
Follow The420.in on