Online criminals most often spoof these trusted brands in their phishing attacks
We tend to trust certain consumer brands, so if we get an email that appears to be from one of them, such as Microsoft, Facebook or Netflix Apple, we may be willing to click a link to get a coupon or special deal.
Caution: That link could be malicious. And if it is, you could give a cyber thief important personal information.
“They’re looking at getting your credentials or user name, and because we use those same credentials across multiple accounts, it gives them access to lots of others things that you definitely don’t want them to have access to,” said Christopher Scott with IBM X-Force IRIS, the company’s Instant Response and Intelligence Services.
Here are the top brands that are spoofed in phishing attacks, according to IBM: Google (39% of the time), YouTube (17% of the time), Apple (15 percent of the time) and Amazon (12 percent of the time).
Rather than click on a link, use a retailer’s app or go to the store’s website to get special promotions.
“Don’t trust the link in the email, because if they’re providing you with an event or a coupon, they’re going to provide that to you in your account, and that way you’re not getting sent to an account that you don’t intend to go to,” Scott said.
More Info: IBM X-Force: Stolen Credentials and Vulnerabilities Weaponized Against Businesses in 2019
