Are you receiving a random email from Microsoft, Facebook, and Paypal? Security researchers highly suggest you not open it since it can allow hackers and other online attackers to acquire your sensitive data and info.
Right now, phishing campaigns are evolving and targeting more users each day since people are now usually communicating through email services, such as Gmail. Facebook, Paypal, and Microsoft are some of the most popular companies that cybercriminals and other malicious actors are trying to impersonate.
Why? Because people tend to open an email if it is from one of them since they look more legitimate. Different studies revealed that phishing schemes are becoming more and more popular since giant companies and agencies are using email services to manage their businesses.
Are email phishing campaigns getting more rampant?
Experts said that hackers and online scammers are usually trying to fool their victims by impersonating tech giant firms. The security firm Vade Secure is the one that first discovered the email phishing campaigns that use the names of Microsoft, Facebook, and Paypal.
The security firm’s experts and researchers said that these malicious schemes started to grow in 2020 when the global COVID-19 pandemic started. They examined more than one billion mailboxes across the globe and the results were announced in Vade Secure’s Phishers’ Favorites report for 2020.
During the event, it was revealed that the Microsoft email phishing campaign is one of the most popular methods that hackers and online attackers are currently using. Microsoft retained its spot as the most-spoofed brand in 2020, having held that position throughout the year as users flocked to its Microsoft 365 collaboration platform during the pandemic.
On the other hand, other kinds of online message scams became even more rampant, with researchers seeing a massive growth previously in 2020. They said that these phishing campaigns usually send fake offers for facemasks, PPE (Personal Protective Equipment), and even vaccines, which just shows that these malicious schemes are becoming more serious issues.
Meanwhile, experts said that cloud services were the ones being impersonated the most by malicious actors. These include Apple, Dropbox, and Netflix. They are currently included in the top 20. On the other hand, Google and Adobe are now seeing significant growth in phishing URLs, making them number two and three on the list of most impersonated companies.
Adrien Gendre, Chief Product and Services Officer at Vade Secure, said that “organizations need to be aware that phishers and other threat actors are always looking out for new ways to target them.”
How to avoid getting scammed?
If you want to avoid opening a random message from big tech companies and getting fooled by the scammers, there are certain signs you need to look out for. But, before we go to that, here are some of the phishing techniques you need to know;
- Embedding a link in an email that redirects your employee to an unsecured website that requests sensitive information.
- Attempting to obtain company information over the phone by impersonating a known company vendor or IT department.
- Spoofing the sender address in an email to appear as a reputable source and request sensitive information.
- Installing a Trojan via a malicious email attachment or ad will allow the intruder to exploit loopholes and obtain sensitive information.
On the other hand, here are some methods you can use that would help you identify and prevent phishing message scams from being sent to your account;
- Require encryption for employees that are telecommuting.
- Install an antivirus solution, schedule signature updates, and monitor the antivirus status on all equipment.
- Deploy a web filter to block malicious websites.
- Encrypt all sensitive company information.
- Convert HTML email into text-only email messages or disable HTML email messages.
- Develop a security policy that includes but isn’t limited to password expiration and complexity.
- Keep all systems current with the latest security patches and updates.
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.