June 4, 2020

June 04, 2020

Subscribe to Latest Legal News and Analysis

June 03, 2020

Subscribe to Latest Legal News and Analysis

June 02, 2020

Subscribe to Latest Legal News and Analysis

Privacy Tip #226 – Beware – Well-Known Brands Used for Phishing Schemes

A new study by Check Point Research shows that cybercriminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money. 

This is an old malware trick that we used to see and now recognize. Scammers send a phishing email after copying and pasting the logo of Federal Express, UPS or a bank, and request that the recipient click on a link or provide a payment. 

The criminals are using other brands now, and according to Check Point Research, in the last quarter of 2019, the brands used most often to target victims with phishing emails included Facebook (18 percent of all phishing attempts globally), Yahoo (11 percent), Netflix (5 percent), PayPal (5 percent), Microsoft (3 percent), Spotify (3 percent), Apple (2 percent), Google (2 percent), Chase (2 percent) and Ray-Ban (2 percent). Although the percentages seem small, remember that these are global statistics. That is a lot of phishing emails using those brands.

At one point, the imitation of Microsoft got so bad that Microsoft issued a warning to U.S. officials, think tanks, peace organizations, university staff, and individuals working on nuclear technology to beware of phishing emails targeting them by fraudsters using Microsoft’s brand.

The trick is the same—the fraudsters transpose one letter in the email address or delete one letter to make someone think it is real and not notice the transposed or missing letter.

Phishing emails continue to be the most frequent attack vector of ransomware attacks, so reading emails with an eagle eye, scrutinizing anything received through email, and being wicked paranoid is crucial to protecting personal and business systems.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...