Web services company Yahoo was the most impersonated brand in phishing attacks over the last three months of 2022. This is according to cybersecurity firm Check Point"s latest Brand Phishing report, which highlights the brands that threat actors imitate the most to lure people into divulging their personal data.
The report said that 20% of brand phishing attempts imitated Yahoo. This is reportedly a result of phishing campaigns wherein cybercriminals sent emails containing the subject "Yahoo Award" and senders like "Award Promotion," "Award Center," "Info winning," or "Award Winning."
The email"s content informed recipients that they had won hundreds of thousands of dollars courtesy of Yahoo. To be able to claim this, however, they had to send their personal information and banking details — an obvious ruse to steal the victim"s sensitive data. The email even goes as far as telling recipients not to tell people about winning the prize due to legal issues.
DHL is the second most impersonated brand in Check Point"s report at 16% , while Microsoft holds the third spot at 11%. Other brands that made the list include Google, LinkedIn, WeTransfer, Netflix, FedEx, HSBC, and WhatsApp.
Finally, the study found that technology was the industry most likely to be imitated by phishers in 4Q"22, followed by shipping and social networks.
To protect yourself from phishing attacks, always be cautious when opening links or downloading attachments from unsolicited emails as they could contain malware. Also, make it a habit to check the URL of the site you"re on. For instance, if the URL doesn"t start with yahoo.com, then it"s likely fraudulent. Lastly, enable two-factor authentication if available to ensure that threat actors will not be able to infiltrate your account even if you accidentally give them your username and password.
Source: Check Point Security