Web services company Yahoo was the most impersonated brand in phishing attacks in the last three months of 2022. Cybersecurity firm Check Point has released its latest brand phishing report, which highlights the brands that cybercriminals impersonate the most to lure people into giving away their personal data.
According to the report, 20 percent of branded phishing attempts impersonate Yahoo, and emails sent by cybercriminals contain the subject lines “Yahoo Award” and “Award Promotion,” ” Award Center,” “Info winning” or “Award Winning” senders.
The content of the email tells the recipient that they have won hundreds of thousands of dollars from Yahoo! However, in order to receive the winnings, users had to send their personal information and bank details — in an apparent attempt to steal sensitive data from victims. The email even told recipients they couldn’t tell anyone else about the winnings because of legal issues.
DHL was the second most impersonated brand in the Check Point report at 16 percent, while Microsoft came in third with 11 percent. Other brands on the list include Google, LinkedIn, WeTransfer, Netflix, FedEx, HSBC and WhatsApp.
Finally, the study found that technology was the industry phishers were most likely to impersonate in the fourth quarter of 2022, followed by shipping and social networking.
To protect yourself from phishing attacks, always be cautious when opening links or downloading attachments from unsolicited emails, as they may contain malware. Also, make it a habit to check the URLs of relevant websites. For example, if the URL does not start with yahoo.com, it is likely to be fraudulent. Finally, enable two-factor authentication (if available) to ensure that cybercriminals cannot infiltrate a user’s account even if the user accidentally provides a username and password to the public.
