Business
Focused
Technology

Yahoo Suddenly Rises in Popularity in Q4 to Become the Most Impersonated Brand in Phishing Attacks

Completely absent from the top 10 brands for more than two years, Yahoo’s impersonation may indicate that scammers are looking for new attack angles using lesser-used brands.

Yes, of course, Yahoo is anything but insignificant. With revenues topping $8 billion, the search engine giant is still quite relevant today.

But in the world of phishing attacks using the impersonation of a major brand, Yahoo was down near 24th place. That is, until last quarter, when – according to CheckPoint’s security analysts determined that Yahoo jumped up 23 places to top the list of Top 10 Impersonated Brands in Q4 of 2022.

Surpassing brands we’ve become accustomed to seeing in the top 5 such as Microsoft, DHL, LinkedIn, Google, and Amazon, Yahoo was previously an impersonation afterthought. But it’s popularity last quarter indicates that there is a resurgence in its’ use as a known and trusted brand that can give scammers just enough credibility to see their phishing attacks succeed.

Offering awards and significant amounts of money, according to CheckPoint, the Yahoo-themed phishing scams sought to trick victims into giving up personal information – including Yahoo credentials.

The use of Yahoo’s brand says a few things about the state of phishing attacks. First, you only need a widely known brand – in essence, any known brand – to launch an impersonation scam. Second, we can only assume the attackers are seeing material success to jump 23 places. Third, with lots of impersonated brands representing those who organizations like your do business with (e.g., DHL, UPS, banks, etc.), users need to be educated through Security Awareness Training that just because you no longer see the impersonation equivalent of the age-old “Nigerian Prince” scam doesn’t mean it can’t pop up in an Inbox today.


Source: KnowBe4

Principal Owner, Marketing Firm

Bringing IT360 on as our technology services “department” was one of the smartest business decisions we’ve made. Over the years, we’ve tried various similar services and have also hired internal IT staff, and we’ve never felt confident that we were adequately supported. IT360 has changed all that. They not only provide proactive, comprehensive technical support and consulting, they engage with us in a way that feels like they are part of our company…a true business partner.

Principal Owner, Marketing Firm

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more