Consumers should be wary of fraudulent emails claiming to be from big American brands, according to a new report.
The top 5 brands exploited by scammers in 2020 were Amazon, Apple, Social Security Administration, Microsoft and Bank of America, according to research by CrowdStrike, a cybersecurity firm.
Amazon was the most “spoofed” by phishing attackers in 2020, accounting for 41.5% of all complaints filed with the Federal Trade Commission, totaling 1,262 phishing incidents, CrowdStrike said, adding that many more had not been reported.
Apple accounted for 33.3%, with 1,012 complaints. Together, these tech giants accounted for 74.7% of all identity theft complaints analyzed, CrowdStrike said.
The Social Security Administration (SSA) was third in the ranking of organizations rigged by crooks. And among all U.S. federal agencies, the SSA accounted for 91.8% of phishing scam complaints, CrowdStrike said.
The ranking is based on a Freedom of Information Act request to the Federal Trade Commission by CrowdStrike which asked for the total number of phishing scams involving the top 50 brands and all US federal agencies.
Phishing is a serious cybersecurity problem in the United States that costs Americans more than $ 54 million in 2020 according to the FBI. Typically, phishing scammers are looking for your password and other account information. Or they can try to make you download a malicious file which will install viruses. Phishing is usually done through email, text, phone, or social media.
GOOGLE SEES NEW TIP IN NORTH KOREA’S RENEWED CYBERS ATTACKS
A typical scam cited by CrowdStrike “tricks user into manually downloading and executing” files. In one example, if you click on the attached file, a Trojan infects your computer with malware that logs keystrokes, often for the express purpose of stealing your password.
An email containing a malicious file or link that deploys malware when a recipient clicks on it is a common tactic cited by the FBI in its 2020 Internet Crime Report.
What to watch out for
CrowdStrike says typical red flags for phishing messages include:
Request sensitive information: Legitimate businesses won’t ask for credit card information, social security numbers, or passwords over email, or send you a link to log into a system outside of their website, said CrowdStrike.
Use a different domain: an Amazon message will come from “@ amazon.com”. It will not come from “[email protected]”.
Contains links that do not match the domain: Hover over all links. If they don’t get you to the brand’s site, they’re wrong.
Includes unsolicited attachments: legitimate businesses do not send attachments. Never click on an attachment.
Is not personalized: Addressing you as a “dear member” instead of your name.
Bad spelling and grammar: Phishing emails often contain excessive grammatical errors.
CLICK HERE TO GET THE FOX NEWS APP
Americans can report phishing attacks to: [email protected]