Some say impersonation is the greatest form of flattery, but it this case, it’s all about email phishing. Cybercriminals use some companies more than others because they’re well-known globally and have better odds for success. A look at who these companies are and how to avoid email phishing in their name benefits us all.
According to APWG’s Phishing Activity Trends Report, the U.S. saw over one million email phishing attacks in the first quarter of this year alone, the highest total on record so far.
Email phishing is one of the most widespread types of cybercrime today, and a successful phishing campaign can do a world of damage to its victims. They can infect a device with malware like ransomware, lead to stolen identities, hijacked bank accounts, website spoofing, business email compromise, financial account compromise, and other cybercrimes.
Before we get to the big names, let’s take a look at what everyone can do to lower their chances of getting caught on a phishing lure.
How to Spot a Phishing Email
- “You Won Our Contest!” and other subject lines that push and pull on our emotions, or tell us an urgent response is required, are email phishing red flags.
- Keep all system software updated, especially anti-virus software. Use only trusted anti-virus solutions and always keep devices updated and security flaws patched.
- Be aware of bad spelling, bad grammar, and bad graphics. A legitimate email shouldn’t have any typos, bad grammar, fuzzy logos, or other poor graphics.
- Never provide personal information in an email you can’t verify is legitimate and never put information in email such as your social security number or passwords. Email is not a safe method for providing this information. Cyber creeps will take any sensitive information they steal get from you.
- Always use a good dose of common sense and think before you click. Phishing emails have malware attachments and malicious links in the message, and acting on them can be the first step to installing malware.
So, who are those organizations?
Amazon is a top contender for the title. It’s a globally recognized company that’s so easily known by name and sight. Hackers can’t resist using Amazon for email phishing since chances are, users are likely to trust, open and act on them.
For all those job seekers out there, LinkedIn is the top company used for email phishing bait. Many of these bogus emails are allegedly sent by “LinkedIn Security” and are sure to get a job searcher’s attention. Email titles like one that is actually legitimate, “You’ve appeared in 5 searches this week” as well as many other attention-grabbing headlines try to fool users into opening and acting on them.
In 2021, a new champion was crowned for most impersonated company, according to Check Point. That one was the logistics company DHL.
Of course, there are many phishing messages coming around each day appearing to be from Apple, Google, and even retailers like Walmart trying to get us to click links. And don't forget Facebook and it's messaging apps like WhatsApp.
Remember not to get in a rush when acting on email messages. Cybercriminals just hope you will be scared or anxious enough to click their links or open their attachments without thought. Take a bit of time and make sure it’s not going to snag you, if you do.