Yahoo wins the Oscar… for the most impersonated brand for phishing


Mathieu Grumiaux

January 25, 2023 at 9:50 a.m.

1

yahoo-new-logo-headquarters.png © Yahoo

© Yahoo

Many Internet users have not used its services for a long time, but the brand is still strong enough to be used by scammers.

No one has forgotten Yahoo. At the end of the 1990s, then at the beginning of the 2000s, the American company was one of the pioneers of the Web and an essential destination for accessing all the information available on the Internet, in particular through its famous portal.

One in five fraudulent emails impersonate Yahoo

Since this prosperous period, Yahoo is only a shadow of itself. Caught up by Google in the field of online research, the search engine has gradually been neglected by users, and the company, sold several times, has never regained its former glory.

But if Internet users no longer go to Yahoo, his name remains etched in the collective unconscious, and many scammers know it perfectly well. That’s why Yahoo is the most spoofed brand in global phishing campaigns today, according to research from cybersecurity analyst firm Check Point.

Thus, nearly 20% of phishing campaigns use Yahoo’s image to try to retrieve personal information from targeted users, i.e. one in five e-mails using the purple logo and the famous exclamation point of the brand.

The e-mails sent promised the recipients prizes of several thousand dollars and had the catchy terms “Yahoo Award” or “Info winning” as their subjects. The alleged winners had to click on a link present in the body of the message in order to communicate their banking information, quickly recovered by the scammers.

The tech sector is the most used by scammers to trick Internet users

Yahoo isn’t the only brand whose image has been hijacked by hackers. The study tells us that the second most common company used for these phishing campaigns is DHL, with 16% of affected emails bearing the courier’s logo. Microsoft completes the podium, with 11% of emails.

Other brands most frequently spoofed include some of the biggest names in global tech like Google, LinkedIn, WeTransfer, Netflix, but also HSBC bank and delivery company FedEx.

We therefore remind you for all practical purposes that large companies will never ask you to enter your banking information on a form, but from your customer area. If in doubt about the origin of an e-mail that seems suspicious to you, first log in to your account or contact your customer service, but never send your personal data, as this could cost you dearly.

What are the most spoofed brands for phishing?

It is a ranking among the most damaging of the year 2021 which has just been published by Check Point Research. Indeed, it gives pride of place to phishing.
Read more

Source : Neowin



Source link -99