When it comes to phishing and other scams, as a society, we’ve largely grasped the age-old “don’t click on things you don’t recognize” advice. However, threat actors turned that advice against us years ago when they began leveraging well-known brands to trick us into clicking on their malicious links and attachments. The success of social engineering-based cyber attacks relies on trust, and it’s the trust those brands have already engendered that gives scams the air of credibility. The brand has done the hard work of gaining our trust, and all the threat actor has to do is exploit that trust. WaterISAC has repeatedly shared reports of top impersonated brands, including most recently “Microsoft Top Brand Impersonated in Phishing Attacks During First Half of 2022,” but it bears emphasis, as nary a day goes by without a scam impersonating or otherwise leveraging a trustworthy brand, person, or platform for a variety of nefarious outcomes. Brands such as Amazon, AMEX, Adobe Acrobat, Microsoft, Discord, Telegram, Skype, 7zip, Instagram, Snapchat, Facebook, WhatsApp, FedEx, UPS, and DHL, just to name a few, are some of the most impersonated. A recent report from Google Cloud's VirusTotal research team discusses how cyber actors deploy abuse-of-trust approaches to distribute malware and mimic legitimate applications. For more on abuse-of-trust approaches, visit DarkReading and BleepingComputer.
WaterISAC regularly highlights these types of campaigns so members can forward them on to users as security awareness reminders to stress the importance of being skeptical about everything. Just because something appears trustworthy doesn’t mean it’s to be trusted.