Yahoo is the most scammed brand in the last three months of 2022

 70 total views

Although no longer “storming”, covering almost every corner of the internet world as in the past, Yahoo is still a familiar name to millions of people around the world. That’s why this brand is still so valuable, especially for scammers on the online space.

According to statistical data from global cybersecurity company Check Point, Yahoo is the most impersonated brand in phishing attacks recorded during the last 3 months of 2022. The report indicates that Up to 20% of recorded online brand fraud attempts have faked or imitated Yahoo. Most of them are email phishing campaigns in which cybercriminals send emails with the subject “Yahoo Award” and include related phrases like Award Promotion,” “Award Center,” “Info” winning,” or “Award Winning” intended to deceive the gullible.

The body of the email informs the recipient that they have won hundreds of thousands of dollars in bonuses thanks to Yahoo. However, to be able to authenticate and claim the prize, they must submit their personal information and bank account details. This is a pattern of data theft that is not new, but still very effective because it hits the greed and lightheadedness of the victim. The phishing email even asks the recipient not to tell anyone else about winning the prize due to legal issues.

After Yahoo, DHL is the second most impersonated brand according to Check Point statistics with 16%, while Microsoft holds the third place with 11%. Other brands that made the list include Google, LinkedIn, WeTransfer, Netflix, FedEx, HSBC and WhatsApp. All are famous global brands.

Ultimately, the study found that technology was the industry most likely to be imitated by scammers in Q4 2022, followed by transportation and social media.

To protect yourself from phishing attacks, always use caution when opening links or downloading attachments from unsolicited emails, simply because they may contain malware. Also, get in the habit of checking the URL of the website you’re visiting. For example, if the URL doesn’t start with, it could be a phishing site.

Finally, enable two-factor authentication if available to ensure that threat actors won’t be able to break into your account even if you accidentally give them your login username and password.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: