Apple, Yahoo! and Netflix are top impersonated brands for phishing.

The simple explanation for phishing is the act of baiting an email or text that falsely claims to be an established legitimate enterprise, in an attempt to scam the user into surrendering private information that will be used for identity theft.

Checkpoint Research recently announced that Apple is the most impersonated brand, with Yahoo! as most imitated brand for email-based phishing, and Netflix as the most imitated for mobile-based phishing attempts.

 

 

Phishing emails and texts will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organisation already has. The website, however, is bogus and will capture and steal any information the user enters on the page.

We are all getting used to these attempts to steal our information but some vulnerable people fall foul.

There are however a couple of steps you can take to verify the legitimacy of sender:

  • Senders pretend to be someone they are not, but when you reply the address in the To: field will display the crook’s address. When replying, make sure you are sending to the correct address.
  • When there is a link in the email, even though it looks legitimate once opened, double check the URL and make sure the domain is correct.
  • If an email has gone to the junk folder, 99% of the time it is because your email provider knows it to be spam.

How to protect yourself and your business:

  • Anti-virus & Anti-spyware Software – Ensure you have a software protection solution in place that is suitable for your business and don’t forget to evaluate its effectiveness on a regular basis.
  • Staff Training – Your staff can be one of your biggest threats when it comes to hackers gaining access to your systems. We suggest you carry out some form of cyber crime training with your team – their awareness and knowledge is key!
  • Never share your Apple ID password or verification codes with anyone.
  • Use complex passwords and Multi Factor Authentication where possible especially for the popular targeted brands.
  • Keep your operating systems on your phone and computers updated.

If you think your security has been breached you can use Have I Been Pawned to see if you have had any data breeches.

Speak to us if you would like to learn more about phishing, how to protect yourself and general cyber security. Stay safe!