Brand Impersonation

Cyber criminals love a crisis. When panic begins, they see an opportunity to feed on your fear. With more people working remotely than ever before, the attacks are definitely on the increase. Some simple tips can help you spot a spoof email from a seemingly trusted company.

Brand impersonation has become so popular that 83% of all spear phishing attacks use this tactic. A scammer mimics a well-known company telling you there is something wrong with your account. If you just click the link and log in, you can verify the suspicious activity. Everything looks legitimate so you click the link, go to what you think is the company’s website and sign in. Whoever really sent the email now knows your username and password, giving them the ability to gain access to your real account. Do you use the same password for multiple accounts? They have access to those as well.

Know your enemy

Many cyber criminals are foreign, college educated people working for large foreign companies whose sole purpose is stealing your money and your information. They spend their time studying trends, studying you and then sending what will scare you the most. This image shows the same email on a computer screen versus a phone. On the computer, it is pretty obvious that it’s a scam. However, they know many people check email on their phone, so it was optimized to look correct on a phone screen.

What to look for

There are simple things to check for in order to spot the spoof.

  • Misspellings or questionable domain name in sender’s email and hyperlinks
  • Poor grammar. English is a second language for many cyber criminals.
  • Vague description of the “issue” with your account
  • Ask “Is this normal practice for the company to communicate with me?”

 Best practices to protect yourself

Don’t panic! Take a moment to closely look at the email.

  • Match their claim to your use of the product. (i.e. if you receive an email about an iTunes purchase, but haven’t made any purchases)
  • If you want to check your account, do not follow links in the email. Go to the company’s website directly to log in
  • When in doubt, call the company to ask about your account
  • If you do make a mistake and type in your user id and password to an impersonating website, immediately go to your real account and change your password.

Want to see more?

Download our free checklist to share with family, friends and coworkers about how you can find fake emails. Don’t let the cyber criminals past your defenses.


By submitting this form, you are consenting to receive marketing emails from: Third Rock, 595 Round Rock West Dr, Round Rock, TX, 78681, https://thirdrock.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Find the Fake Email checklist

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!

remote working student

Remote Video Conference checklist

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!

home office

Home Office Security checklist

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!

remote workforce cybersecurity

Get your checklists today

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!

Pretexting Scam

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!

Device cybersecurity checklist

Please tell us a little about yourself.

Thank you for registering. Enjoy your checklists!