Scammers Are Using These 10 Popular Brands To Trick You Into Revealing Your Private Data
BY LISA & BRIAN JOHNSON
Cybercriminals know the easiest way to sneak under your radar is to pretend to be a brand you know and trust . These large companies have spent years on marketing , customer service , branding and consistency to build a trustworthy reputation , and hackers leverage this to go after you .
The most common method is to use phishing attacks . These thieves set up URLs that look scarily similar to the real company ’ s website . To slip by your watchful eye , here are some of the simple switches hackers make that can go unnoticed :
1 . Switching out a zero for the letter “ O ” or a capital “ i ” for a lowercase “ L .” If you ’ re quickly reading an e-mail , it might look legit .
2 . Adding in a word that seems like it could be a subdomain of the real company , like “ info @ googleservice . com .”
3 . Using a different domain extension , like “ info @ google . io .”
Some criminals will take it a step further and set up a web page that looks identical to that of the real website . When you click the link – via e-mail , SMS or even through social media – several dangerous results can occur .
The first is that malware can be installed on your computer . Clicking a bad link can set off an automatic malware download that contains malicious files with the ability to collect personally identifiable information from your device , like usernames , credit card or bank account numbers and more .
The second is the fake website will have a form to harvest your information . This could be login credentials , passwords and , in some cases , your credit or bank information .
The third most common issue is an open redirect . The link might look legit , but when you click on it , you ’ re redirected to a malicious website where the intent is to steal your information .
What brand impersonations do you need to look out for ? Well , all of them , but according to Check Point ’ s latest Brand Phishing Report , there are 10 companies that top the chart in overall appearance in brand phishing attempts .
Here are the top 10 most frequently impersonated brands in phishing attempts in Q2 of 2023 : Microsoft ( 29 %), Google ( 19.5 %), Apple ( 5.2 %), Wells Fargo ( 4.2 %), Amazon ( 4 %), Walmart ( 3.9 %), Roblox ( 3.8 %), LinkedIn ( 3 %), Home Depot ( 2.5 %) and Facebook ( 2.1 %).
Take a minute and ask yourself how many of the companies on this list send you regular e-mail communications . Even just one puts you at risk
Cybercriminals go the full mile with these scams . They know what types of messages work best for each company to get your attention .
Here are three common phishing attacks cybercriminals have used under these brands ’ good names to gain access to your private information .
1 . Unusual Activity – These types of e-mails will suggest that someone gained access to your account and you need to change your password quickly . They leverage fear so people will click without thinking , hurrying to change their password before they ’ re a victim of the attack .
They usually have buttons that say , “ Review Recent Activity ” or “ Click Here To Change Your Password .”
These e-mails can go as far as to show fake login information detailing the region , IP address , time of sign-in and more , like real messages from the companies do to convince you to click .
2 . Fake Gift Cards – These e-mails suggest that someone sent you an e-gift card . When you open the e-mail , they either redirect you to a website to “ claim your gift card ” or have a button to “ redeem now .”
3 . Account Verification Required – These e-mails suggest that your account has been disconnected , and they need you to verify your information . As soon as you enter your login credentials , the hacker has access .
These scams are happening every single day . You ’ re a target , but so are the unsuspecting employees in your company . Without proper training , they might not know what to look for , panic and try to resolve these “ issues ” under the radar , ultimately causing the problem .
There are multiple steps to making sure your network is secure . One would be getting e-mail monitoring to help reduce the likelihood of these phishing e-mails ending up in your inbox . It ’ s also important to make sure employees know what to look for so that if an e-mail does get by the phishing detection system , they can still keep your company safe .
The best thing to do is to call us or visit our website to schedule your FREE Cybersecurity Risk Assessment . We ’ ll evaluate your network and provide a full report on areas where you are vulnerable and what to do to fix them . There ’ s no obligation , but you should know where you ’ re at risk . Call us to schedule your assessment now .
Lisa & Brian Johnson are the Owners of AVC Technology . They are based in Indiana and to find out more about what they do and how they could help you , please visit AVCTechCorp . com .
15