Next on the list is popular payment gateway The PayPal provider ranked fourth, as its brand was used in 5.7% of emails representing the brand, followed by the professional social network LinkedIn, whose name was abused in 3.5% of the brand’s phishing campaigns. Microsoft (3%), web hosting Company 1 & 1 (2.5%), British telecom O2 (2.3%) social media giant Facebook (2.2%) and banking group HSBC (1.8%) were also on the list.
All of these numbers come from Hornetsecurity’s Cyber Threat Report 2021/22 which explores the state of global email threats.
Detect brand phishing email
The reason cybercriminals pretend to be these and other major brands is to reduce the protection of potential victims. After a victim is tricked into taking one of these phishing emails seriously, she is attracted to discover links to malicious websites designed to infect their devices. malware or steal their data.
While organizations can do very little to prevent cybercriminals from impersonating their brands online, consumers can protect themselves from falling victim to phishing campaigns by learning and remembering a few warning signs.
Because major brands have professional copywriters and editors who correct all emails and other messages sent to their customers, spelling and grammar errors are a dead end to the fact that the email is not official. Similarly, a mismatch between the sender’s address in one of these emails may indicate that the email is not legal.
Cybercriminals often use email addresses similar to the company’s official email address to deceive potential victims. Suspicious URLs and attachments are also an obvious gift when it comes to phishing emails.
Although those behind the brand’s phishing attacks may try to inoculate a sense of urgency to get users to respond, requests for confidential information are another red flag. This is because large businesses such as Amazon rarely, ever, ask their customers to provide confidential information via email.
Finally, if an email seems too good to be true, it probably is. Therefore, at all costs, avoid emails announcing that you have won the lottery, or other messages related to the subject.
Brand phishing won’t go anywhere anytime soon, as it can be a very lucrative business for cybercriminals, but being able to spot signs can help protect you from these campaigns and keep you from falling victim to identity theft.