When crooks try to steal sensitive information or banking data via phishing, they have increasingly been impersonating Yahoo to try and trick their victims, new research has claimed.
Experts at Check Point Research analyzed the most frequently imitated brands in the fourth quarter of 2022. According to the report, a fifth (20%) of all phishing attacks that happened in October, November, and December 2022 impersonated Yahoo, which climbed 23 places to become the most spoofed brand for the period.
Usually, crooks would create emails notifying victims they had won an “award” or “prize money” after a competition organized by Yahoo. To receive the award, or payment (usually in hundreds of thousands of dollars), the victims are asked to share their personal details, including banking details.
TechRadar Pro needs you! We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.
D. Athow, Managing Editor
DHL, Microsoft, and LinkedIn
The email also warns the victims not to talk to people about it because of “legal issues”.
Generally speaking, the tech industry is the most impersonated one, Check Point Research further claims. DHL was the second most impersonated brand, taking up 16% of all attacks.
The fourth quarter of the year is the holiday season, with Black Friday, Cyber Monday, Christmas, and the New Year, all being reasons for increased shopping and thus, increased DHL impersonation.
With 11%, Microsoft rounded off the top three. After briefly falling further down the list, LinkedIn returned to fifth place, taking up 5.7% of all phishing attacks.
Phishing remains one of the most popular (and successful) formats of cyberattacks and cyber-fraud. By preying on gullible and distracted users, criminals are able to trick them into giving away plenty of sensitive information. In some cases, they’re even able to get them to download and run various malware, which can lead to even more dangerous attacks, such as ransomware.
The best way to protect against phishing is to always be vigilant when receiving emails and not believe anything without double-checking the authenticity.
- Here's our list of the best endpoint protection services right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.