- Brand Impersonation attack is a form of phishing attack where attackers pretend to be from a trusted brand/company.
- The motive behind these attacks is to steal personal information and sell it to others, to initiate fund transfer and ruin the reputation of an organization.
According to the latest report from Agari’s Cyber Intelligence Division, it has been found that brand impersonation remains the most common attack vector among hackers. Attackers leveraged the attack technique to perform 50 percent of the total advanced email attacks recorded in Q4 2018.
Interestingly, most of these attacks (70 percent) were carried out by impersonating Microsoft. This software giant is often a target for credential phishing as attackers can use Office 365 accounts to conduct subsequent Account Takeover attacks.
What is a Brand Impersonation attack?
Brand Impersonation attack is a form of phishing attack where attackers pretend to be from a trusted brand/company and send out malicious emails to their targeted victims. It is a sub-set of Brandjacking attack. Such attacks are generally used to target corporate employees. The motive behind these attacks is to steal personal information and sell it to others, to initiate fund transfer and ruin the reputation of an organization.
How do hackers impersonate a brand?
Hackers follow three different tactics to deceive the target. They are as follows:
- Hackers buy domains that look similar to the domain of a known brand. They create a new email ID using a similar name and later use it to send emails to the target asking them to respond urgently.
- Fake-looking legitimate URL is used to trick users into believing that they are actually clicking on a reliable link. This phishing link comes attached with the email and may contain info-stealing malware or redirect users to a fake website.
- Hackers also use source forgery to manipulate the ‘From’ address in an email to make it look genuine. This can be done by using SMTP services and other online tools.
Apart from Microsoft, hackers have also impersonated several other organizations such as Netflix, Bank of America and Amazon to make away with a huge amount of money.
How to beat the attack?
A careful look at the sender’s detail can help you combat the attack. Always check for spelling mistakes and grammar as these are the red flags for such attacks. Implementing anti-email spoofing tools such as DMARC, DKIM and SPF can help you identify any spoofed email. Proper attention should be given to message content, including attachments and URLs.