Exercise caution when you receive an email from Google — is it truly a legitimate electronic communication from the tech megacorp?
According to a new report from Check Point Research, the search engine giant is the most impersonated brand used by phishing attackers to lure unsuspecting victims into their fraudulent traps.
- Microsoft warns of 'massive' COVID-19 email phishing campaign
- Apple, Netflix among most imitated brands for phishing attacks
- Zoom, Google Hangouts attract phishing and malware hackers -- how to protect yourself
The most impersonated brands used by cybercriminals
Check Point Research published a similar report in Q1 of 2020. During that time, investigators discovered that Apple was the most impersonated brand used by cybercriminals followed by Netflix. Yahoo, WhatsApp and Paypal were in third, fourth and fifth place, respectively.
For Q2 of 2020, Check Point Research investigators spotted a change in behavior among the email phishing world — cybercriminals have their eye on a new set of brands with Google being at the top of their lists. In order of frequency, here are the most impersonated brands during the second quarter of this year:
Cybercriminals often impersonate these brands to lower email users' defenses and elicit trust from unsuspecting victims. Email phishing attackers lure their targets into fraudulent traps with links to malicious web pages that look similar to their clone's authentic website.
Check Point researchers observed a surge in email phishing during Q2 of 2020. In the first quarter of this year, email phishing was the third most popular avenue for cyberattacks. In the second quarter, email phishing exploits climbed to second place.
"The reason for this change may be the easing of global Covid-19 related restrictions, which have seen businesses re-opening and employees returning to work. Making up nearly a quarter of all phishing attacks, email phishing exploits targeted Microsoft, Outlook and Unicredit, in that order," the Check Point Research report stated.
Thankfully, as we reported in July, Google is rolling out a new feature to thwart phishing attacks. The search-engine giant plans on labeling authentic emails with official badges that signal to email users that the digital mail is coming from a legitimate source. Google calls these badges BIMI (Brand Indicators for Message Identification) logos.
Google is trialing BIMI logos with a limited number of Gmail users, but the company did not specify when the feature will be rolled out to everyone.