1 min read

Top 10 Brands That Phishing Attackers Use to Scam Users

Scammers delight in impersonating government agencies and well-known brands to lure email recipients into giving up their personal information. That information is then either exploited directly or sold to the highest bidder on the Dark Web.

Have you ever wondered which agencies, companies or brands are the most imitated by these attackers?

Whether you have or not it should come as no surprise that someone is tracking that.  Security firm Checkpoint is tracking it to be precise.

Quite often Microsoft tops the list but this year they’ve been dethroned by shipping company DHL. That may not be surprising given the realities of the pandemic and the rise in popularity of online shopping.

Here is the list of the top ten for this year from their report:

  1. DHL (impersonated in 23 percent of all phishing attacks, globally)
  2. Microsoft (20 percent)
  3. WhatsApp (11 percent)
  4. Google (10 percent)
  5. LinkedIn (8 percent)
  6. Amazon (4 percent)
  7. FedEx (3 percent)
  8. Roblox (3 percent)
  9. Paypal (2 percent)
  10. Apple (2 percent)

The specific lure used in each of these cases varies wildly.  For instance, when a scammer spoofs a shipping company the email is typically some variation of “we’re trying to deliver a package to you but are having problems, press this button for more information.”

While PayPal scams typically go the route of “Your account has been temporarily suspended.  Please click here to verify your information.”

Microsoft and Google are commonly spoofed in various software giveaway schemes. Or in the case of Google some variation of “click here to claim your free Chromebook.”

Now that you are armed with a list of the most often imitated brands you at least have a list of things to be on the lookout for.  The best defense is vigilance just like always.  If it sounds too good to be true it probably is and don’t ever click on embedded links even if you think you know and trust the sender.

Used with permission from Article Aggregator

The Cybersecurity Tools Are Fine. The Strategy Is What's Missing

The Cybersecurity Tools Are Fine. The Strategy Is What's Missing

TL;DR: Most businesses that experience a serious cyber incident had security tools in place when it happened. The problem isn't the firewall or the...

Read the full blog
What Your Law Firm's Ethical Obligations Actually Require from Your IT Infrastructure

What Your Law Firm's Ethical Obligations Actually Require from Your IT Infrastructure

TL;DR: Law firms holding privileged client data aren't just security targets; they're ethical custodians with documented obligations under ABA Model...

Read the full blog
Your Law Firm's IT Partner Is Either an Asset or a Liability. Which One Do You Have?

Your Law Firm's IT Partner Is Either an Asset or a Liability. Which One Do You Have?

TL;DR: Most law firms don't have an IT problem; they have an IT partner problem. A generalist provider can keep the lights on, but supporting legal...

Read the full blog

1 min read

Microsoft Help Files Are Being Used To Distribute This Spyware

Diana Lopera is a researcher for Trustwave Cybersecurity and has stumbled across something that’s one part interesting and one part disturbing.

Read the full blog

1 min read

Mac Malware is Becoming a Bigger Threat for Users

In late 2020 a new strain of malware called UpdateAgent appeared and began infecting Mac users.

Read the full blog

1 min read

Massive Phishing Attack Scammed Millions of Facebook Messenger Users

According to research conducted by the cybersecurity firm PIXM, there is a massive phishing campaign that peaked in April and May of this year (2022)...

Read the full blog