Phishing attacks remain one of the most common entry vectors for threat actors seeking to compromise an organization or an individual’s device or network. A particularly effective phishing tactic is brand impersonation, when adversaries attempt to mimic a website or domain of a well-known brand by using a similar domain name and webpage designed like the actual site. A recent report from the IT company Check Point identifies the top brands criminals impersonated in brand phishing attacks in the fourth quarter of 2021. The top three impersonated brands last quarter were DHL, Microsoft, and WhatsApp. This is in slight contrast to last year’s top impersonated brands which were Microsoft, DHL, and LinkedIn. Members are encouraged to include top brands most likely to be impersonated in cybersecurity awareness reminders and users should be encouraged to scrutinize (not trust) emails appearing to come from these and other top brands. In addition, remind users to always be wary of messages that require urgent actions and ones that ask a user to click on a link or attachment. Users should reach out to the purported sender via another means of communication to confirm its authenticity. Read more at HelpNetSecurity.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!