BRAND IMPERSONATION
Phishing emails that impersonate well-known brands
WHAT IS BRAND IMPERSONATION?
Brand Impersonation when conducted through email, sees a cybercriminal impersonate a well-known, recognizable brand in an attempt to steal credentials or other potentially sensitive information. Brand Impersonation, or Brand Spoofing is a highly successful attack technique used by hackers to steal data, which can then be used in future scams. By posing as a recognizable brand or organization familiar to the recipient, attackers can trick their victims into clicking on a link or attachment in the email.
Tech Giants Most Spoofed
Microsoft, Apple and Google were the top three brands that cyber-criminals attempted to impersonate in 2021.
(source: IBM)
1/4 of Branded Emails Spoofed
25% of all branded emails that organizations receive are spoofed, or brand impersonation attempts.
(source: Digital in the Round)
1 in 8 will share data
1 in 3 employees are likely to click the links in phishing emails, and 1 in 8 employees are likely to share information requested.
WHAT DOES BRAND
IMPERSONATION LOOK LIKE?
Brand Impersonation scams are a numbers game. By leveraging the ubiquity of a brand like Apple, the email will likely appear relevant to a sizeable portion of recipients. These emails will contain either a link to a phishing site or malware that will download once clicked on. Although they are not nearly as sophisticated as other email attacks, mass phishing campaigns like this can easily be sent to a million recipients. A success rate of only 0.5% still results in 5,000 infections or stolen credentials that be used in future, more-targeted scams.
Spoofed Display Name
With the display name “Apple Support” the attacker is attempting to masquerade as Apple. On a mobile device, the recipient will likely only see the display name.
Sense Of Urgency
The attacker creates a sense of urgency by telling the user their account has been locked and they must take action.
Link to Fake Login Page
The call to action links to a fake login page designed to steal the user’s credentials.
HOW DOES MESH PROTECT AGAINST
BRAND IMPERSONATION?
Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.
URL Protect
All links in the email are subjected to scanning against real-time threat feeds for known and unknown malicious sites as well as fake login pages and phishing sites. Links to unknown or suspicious objects are sandboxed.
Attachment Sandboxing
Unknown and potentially malicious attachments are detonated in a virtual environment to determine their behavior, protecting against never-before-seen, zero-hour threats like polymorphic malware.
Dynamic Content Scanning
Next Generation Spam Filtering - text and images in the message body are dynamically scanned for indicators of spam and nefarious intent, including evasive techniques such as the use of Cyrillic characters, empty white space, and the packing of email with excess content.
The detection accuracy is excellent & for the price point, it's a no-brainer.
Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”
Chris Pottrell
CEO @ Nebula IT
Ready to get started?
Make your customers safer and
your MSP more efficient.
MSP Success Stories
Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.
Mesh is not for everyone
We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.