Watch out – that unexpected Microsoft alert could well be a phishing attack
Microsoft is now the most imitated brand when it comes to phishing attacks, new research has warned
The latest findings from Check Point’s Threat Intelligence division found that during the second quarter of 2023, Microsoft climbed to top place, up from third in the previous quarter, accounting for 29% of brand phishing attempts, placing it far ahead of Google in second place (at 19.5%) and Apple in third place (at 5.2%). Together, the three tech titans account for more than half of the observed brand imitator attacks.
Despite a clear rise in fake emails for millions of Windows and Microsoft 365 customers worldwide, Check Point stresses that careful observation can reveal patterns that help protect from identity theft and fraud attacks.
Microsoft phishing on the rise
Check Point Software Data Group Manager Omer Dembinsky said: “While the most impersonated brands move around quarter to quarter, the tactics that cybercriminals use scarcely do,” pointing at the legitimate-looking logos, colors, and fonts used by attackers.
Phishing scams will also typically use domains or URLs that are closely related to the real deal, but taking the time to scan these and the content of any messages will often reveal a series of intended and unintended typos and errors, all of which are telltale signs of a phishing attack.
One of the most recent attacks witnessed by Check Point analysts has been one relating to unusual Microsoft account sign-in activity, which directs users to a malicious link. These links are designed to steal any manner of information, from login credentials to more sinister material, like payment methods.
While tech firms continue to be the subject of popular scams, many threat actors have also been seen turning to financial services like online banking, gift cards, and online shopping orders. Wells Fargo and Amazon both rounded up the top five during Q2 2023, accounting for 4.2% and 4% of brand phishing attempts respectively.
Checking for the above-mentioned discrepancies in URLs, domains, and message text, go a long way to protecting victims from unwillingly handing over personal information, and the best course of action when it comes to phishing is just to slow down, observe, and analyze.