A Cisco Talos study found that the most frequently imitated brand globally by hackers is Microsoft by a long way, followed by DocuSign and Amazon in second and third place. PayPal, Adobe, and Instagram also ranked in the top 10, along with Nortonlifelock, Chase, Geek Squad, and Home Depot, according to Cisco Talos.
Illegal use of brand names is easy, according to researchers. For example, attackers insert trademarks directly into the HTML source code of an email. To make detection more difficult, hackers also encode this email using base64. Another method is to retrieve the logon from the remote server when requested by the email program. In this case, the URI (Uniform Resource Identifier) of the resource is embedded in the HTML source code of the email. Alternatively, the attackers provide the logo – base64 encoded – as an attachment, which is displayed by email clients when referring to the HTML source to entice potential victims to reveal their login credentials and other sensitive information.
The attackers’ deceptive goal: By making an email about a brand name appear to come from a trusted company, recipients are less likely to question the authenticity of the message. For example, scammers pose as support staff for a company that claims to work for the company they are targeting. The email asks for the victim’s login information, for example, and thus gains access to the relevant accounts.
Source link