Latest phishing fad: Brand impersonation

For cyber crooks, brand impersonation is the phishing fad of the moment.

Here’s what happening with increasing frequency. Posing as familiar companies or services, hackers will send an enticing email that appears realistic and projects an air of legitimacy. Clicking on a link in the email will direct victims to a login page that looks like the real thing but is fake. Entering your login information here will give them access to one or more of your accounts which they can use to steal your data or even launch more attacks.

The most deceiving part of some of these fake pages is that the web address appears to be safe. The URL may end with a legitimate domain like “windows.net” because the bad guys are hosting these pages with Microsoft’s Azure cloud services.

But you can send these phishing phonies home empty-handed. Remember these tips to protect yourself from these criminals:

• Look out for strange or suspicious domains in senders’ email addresses. Even if the domain looks legitimate, check again. Does the email say “micronsoft.com” instead of “microsoft.com”?
• Before clicking, always hover over links to see where they are taking you. Never click on a link in a message unless you’re certain the sender is legitimate.
• Whenever you get an email from an online service you use, log in to your account through your browser and not through links in the email to check whether the email message is valid.