Watch Out for Brand Phishing: Amazon and Google Copycats Increase

This year has seen a large increase in brand-phishing attacks. Phishing is a type of cybercrime in which the victims are targeted using email, telephone, or text message. 

The goal of phishing campaigns is to obtain sensitive information or data, such as usernames, passwords, and credit card details. Companies like amazon and google are brands that have been imitated in many brand phishing campaigns.  

What is brand phishing?

Brand phishing occurs when brands are imitated in written communication in order to obtain private data. Often brand phishing targets existing customers of the particular brand in question, persuading them to enter information. 

Phishing can often be very convincing, as the branding on an email looks like it’s come from the actual company. The hacker may choose to imitate the logo, fonts, common messages, and other aspects of the company’s messaging to increase legitimacy. 

How does brand phishing work?

When attempting brand phishing, cybercriminals will attempt to imitate the official website of a well-established brand by using a similar domain name or URL and aspects of the design of the actual site. These details often lure people to mistake the phishing email or text message to be genuine. 

Cybercriminals usually choose brands that they think their victims are likely to trust. Many people receive a spoof email from “Google” or “Amazon” that they know they are associated with and instantly worry about their account. 

Which brands are commonly imitated?

Amazon and Google, some of the world’s most reputable and commonly-used companies, are up at the top of the list of brands that are commonly imitated. 

Other typically trusted brands that are frequently used for phishing campaigns at the moment include:

  • WhatsApp
  • Facebook
  • Microsoft
  • Outlook

These are just a few of the brands to watch out for. If you ever receive a confusing email asking you urgently for personal information or bank details from one of these companies, be sure to check the sender’s email address. 

If you still are unsure if the email is legitimate, contact the company directly and inquire about any possible issues with your account.

How to recognize brand phishing attacks

There are telltale signs that you might be a victim of a brand phishing attack. If you receive a malicious email imitating a well-known brand, this won’t cause any harm to your network and system, or put your data at risk, as long as you don’t click any attachments or links.

One of the signs is if the email is sent from a public email domain. No legitimate organizations will have an email address ending in gmail.com for example. Always look at the email address. 

Poor spelling and English, in general, is another clear indicator the email could be phishing. Look out for suspicious links as well. These often won’t match up to the rest of the email, message, or the brand. 

As long as you’re aware of these signs, and stay alert when you check your emails and messages, you can stay safe from brand phishing. If you want a reputable company to install anti-malware security systems to you business’s or personal computers, be sure to contact a reliable managed IT provider such as those from Indiana cybersecurity services.