Is that really an email from Microsoft or a phishing attack?
You’re no stranger to the endless threats lurking in your email inbox. But have you ever considered that an email which seems to be from Microsoft could end up being your worst nightmare?
Microsoft, the tech giant we all know and trust, has become the most imitated brand when it comes to phishing attacks. Phishing attacks are where someone sends you an email or text message that contains either malicious files or link that can deliver a payload that tries steal your data or cause intentional damage to your systems.
Let’s be clear, Microsoft isn’t to blame for this. Their brand is imitated because they are trusted and known across the globe.
According to Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd, during the second quarter of 2023 Microsoft soared to the top spot of brands imitated by criminals, accounting for a whopping 29% of brand phishing attempts.
This pushes Microsoft well ahead of Google in second place (at 19.5%) and Apple in third place (at 5.2%). Overall, these three tech giants account for more than half of the observed brand imitator attacks.
So, how does this affect your business?
With advances in AI technology phishing scams are becoming harder and harder to detect. Brand imitation phishing attacks used to be very easy to spot due to grammatical issues, spelling mistakes and poor wording choice – not anymore.
The new iterations use legitimate-looking logos, colours, and fonts and to make things even harder to spot they often use domains or URLs that are like the real deal.
One of the latest attacks claims there has been unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from login credentials to payment details.
What can you do to protect your business?
Here are two tips for your business to reduce chances of falling victim:
Tip # 1
Make sure that you are using a quality mail filtering system for your company’s email. Runtime uses and recommends MailGuard. MailGuard is an advanced email security/filtering service that scans all incoming/outgoing messages and weeds out potential nasties, best of all it is an Australian company.
Being an Australian company means that MailGuard are extremely quick to find and respond to phishing scams that imitate Australian business.
Tip # 2
Implement a training program to up skill your team. Take the time out of your busy schedule to talk to your team about the risks and dangers of phishing, and how to spot dodgy emails/text messages.
Runtime IT can visit your office to run training sessions for your team. We will give real world examples, show what to look for and better prepare you for the dangers lurking.
As always, prevention is better than cure. Make sure you have this a top priority for your business.
Call today to speak to one of our team about how we can help your business stay protected.