Cybercriminals Camouflage Their Messages in the Trappings of Familiar Brands
Brand impersonation is back in the news. A major threat to businesses, this troubling trend looks set to continue its upward trajectory as a popular ploy of the bad guys into 2022. Masquerading as a trustworthy correspondent is one of the oldest tricks in the book for a reason: it works, and that is why it remains a go-to for cybercriminals. Employees tend to extend a higher degree of trust to messages from brands they interact with frequently, like Microsoft or Amazon, and cybercriminals leverage that trust to slip malicious messages past their defenses.
Brand Impersonation is a Rising Star
Brand impersonation had a big year in 2021, bringing fresh danger to employee inboxes. The Verizon Data Breach Investigations Report 2021 shows the rapid rise of brand impersonation, called Misrepresentation in that report, clocking in 15 times higher than it did in 2020. The DBIR notes that this growing category is an aspect of social engineering and a direct precursor to business email compromise attacks. Continued reliance on email as remote work continues, combined with increasingly sophisticated phishing messages, is a powerful recipe for trouble from brand impersonation scams. Employees encounter this threat frequently – 25% of all branded emails that companies receive are spoofed or brand impersonation attempts.
While brand impersonation isn’t a scheme that changes a great deal in substance, the brands that cybercriminals enjoy impersonating do. New data about the most imitated brands of 2021 shows a few changes in the lineup that reflect the impact of the pandemic. The new champion at the end of 2021 was DHL, the star of about 23% of all phishing attacks. That’s a change: traditionally Microsoft tops the list. But Microsoft didn’t fall far from its usual dominance, clocking in at number two at 20%. A few steps off the leaderboard are the other common brands that cybercriminals favor: WhatsApp (11%), Google (10%), LinkedIn (8%), Amazon (4%), Roblox (3%), FedEx (3%), PayPal (2%) and Apple (2%). Facebook (now Meta) dropped out of the list.
Microsoft has long been the cybercriminal go-to for brand impersonation and spoofing, and phishing with attachments is a familiar foe for IT professionals. Employees handle a lot of Office files, which is why Office files made up 48% of malicious email attachments in an email traffic study. Microsoft Office formats like Word, PowerPoint and Excel are also popular file extensions for cybercriminals to use when transmitting malware via email, accounting for 38% of phishing attacks. The next most popular delivery method is archived files such as .zip and .jar, which account for about 37% of malicious transmissions.
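As an added illustration (not code from the original post or from ID Agent), here is a small mailbox triage check built from the brand list and attachment types above: it flags a message whose From display name invokes one of the most-impersonated brands while the sender address is not on that brand’s domain, and it flags Office or archive attachments. The table of legitimate brand domains and the sample messages are assumptions constructed for the example.

```python
import os
import re
from email.utils import parseaddr

# Brands named above as the most impersonated in 2021, mapped to the domain each
# brand legitimately sends from. ASSUMPTION for this example: real deployments
# would maintain a vetted list (and subdomains) per brand.
BRAND_DOMAINS = {
    "dhl": {"dhl.com"}, "microsoft": {"microsoft.com"}, "whatsapp": {"whatsapp.com"},
    "google": {"google.com"}, "linkedin": {"linkedin.com"}, "amazon": {"amazon.com"},
    "roblox": {"roblox.com"}, "fedex": {"fedex.com"}, "paypal": {"paypal.com"},
    "apple": {"apple.com"},
}

# Attachment types singled out above: Office documents and archives.
RISKY_EXTENSIONS = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".zip", ".jar"}


def _on_domain(sender_domain, brand_domains):
    """True if the sender domain is a brand domain or one of its subdomains."""
    return any(sender_domain == d or sender_domain.endswith("." + d) for d in brand_domains)


def triage(from_header, attachments=()):
    """Return a list of reasons a message deserves a closer look (empty list = nothing flagged)."""
    findings = []
    display_name, address = parseaddr(from_header)
    sender_domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    name = display_name.lower()
    for brand, domains in BRAND_DOMAINS.items():
        # Whole-word match so "Apple" matches but "Pineapple Ltd" does not.
        if re.search(rf"\b{re.escape(brand)}\b", name) and not _on_domain(sender_domain, domains):
            findings.append(f"display name claims {brand} but sender domain is {sender_domain or 'missing'}")
    for filename in attachments:
        ext = os.path.splitext(filename.lower())[1]
        if ext in RISKY_EXTENSIONS:
            findings.append(f"attachment {filename} is an Office or archive file")
    return findings


if __name__ == "__main__":
    # Constructed sample messages, not real traffic.
    samples = [
        ("DHL Express <tracking@dhl-parcel-update.example>", ["Shipment_Notice.docx"]),
        ("Microsoft 365 <no-reply@microsoft.com>", ["invoice.pdf"]),
        ("DHL Notifications <alerts@notify.dhl.com>", []),
    ]
    for header, files in samples:
        print(header, "->", triage(header, files) or "no findings")
```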
Cybercriminals Have More Phishing Opportunities Than They Used To
Everyone is sending a lot of email these days. If email volume continues to trend the way that experts expect, it is estimated to reach over 376.4 billion daily messages by 2025. That increase in email volume has given the bad guys a wealth of opportunities to pursue phishing, and they’re not hesitating to capitalize on them. The bad guys launched a tidal wave of phishing attacks in 2021: 80% of IT professionals said that their organizations faced an increase in the number of phishing attacks in 2021. Unfortunately, more phishing attempts have translated into more phishing attack disasters for many companies. An estimated 74% of respondents in the same survey said that their companies had been successfully phished in the last year.
Plus, brand impersonation and spoofing can be especially tricky for employees to detect. Those messages are often highly sophisticated, and that’s bad news for businesses – 97% of employees cannot recognize sophisticated phishing threats. Some of that lack of skill can be chalked up to a lack of security awareness training that leaves employees unsure of themselves when they’re confronted with a possible phishing email or even oblivious to the threat a phishing message represents. Another reason is social engineering. Many employees are afraid they’ll miss an important message or make the wrong move in providing information to a client or superior – setting their employers up for trouble.
Be Careful Who You Trust
Social engineering works, and cybercriminals are quick to rely on it to get the job done. That’s why 98% of cyberattacks contain one or more elements of social engineering; people are very likely to fall for it. Brand impersonation is a great example of how social engineering can be used to perpetrate cybercrime, in this case fraud and phishing. Bad actors using this technique know to choose brands that are not only perceived as trustworthy but that employees also commonly correspond with, so the message raises no suspicion. That gives them an edge in convincing their victims to take further actions like entering a password or transferring money.
Cybercriminals are doing an excellent job of fooling employees into thinking that their messages are genuine. Unfortunately for businesses, that means that employees are not hesitating to click malicious links, hand over their passwords or otherwise interact with messages. They often don’t even think that anything could be wrong in a well-crafted spoofed message from a trustworthy brand, even if it seems slightly odd. A whopping 50% of users will click on a link from a scammer without concern that it may be unsafe. That’s not just one industry’s problem either. In a survey of responses to phishing simulations, every industry had problems with employees clicking on a phishing email. CyberNews reports that 1 in 3 employees are likely to click the links in phishing emails, and 1 in 8 employees are likely to share information requested in a phishing email.
Security Awareness Training is the Answer
Security awareness training empowers employees to resist phishing lures, spotting and stopping cyberattacks before they start. It also reduces a company’s chance of having a damaging cybersecurity incident by up to 70%. Get started quickly and painlessly with an easy, effective security awareness training program using BullPhish ID.
- Don’t just train employees about phishing – get them up to speed on threats like ransomware, smart security behaviors and compliance too.
- Make training and tracking a snap with personalized portals for every user, enabling trainers to painlessly track and assign training.
- Use premade plug-and-play kits and videos or customize training materials to reflect the unique industry threats that employees face daily.
Let us help you get a strong phishing defense in place right away to lower data breach risk fast. Contact an ID Agent solutions expert now for a personalized demo of our award-winning solutions.
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!