Phishing warning: These are the brands most likely to be impersonated by crooks, so stay alert

Cyber criminals know how many of us are working from home and are looking to exploit that situation with phishing emails designed to copy big brands.

Almost half of all phishing attacks designed to steal login credentials like email addresses and passwords by imitating well-known brands are impersonating Microsoft. Cybersecurity researchers at Check Point analysed phishing emails sent over the last three months and found that 43% of all phishing attempts mimicking brands were attempting to pass themselves off as messages from Microsoft. Microsoft is a popular lure because of Office 365's wide distribution among enterprises. By stealing these credentials, criminals hope to gain access to corporate networks. And with many organisations shifting towards remote working to ensure social distancing over the course of the last year, email and online messaging have become even more important to businesses – and that's something cyber attackers are actively looking to exploit.

Not only are employees relying on emails for everyday communication with their team mates and bosses, they also don't always have the same security awareness and protection while working from home.With these attacks, even if the messages aren't designed to look like they come from Microsoft itself, and they could claim to come from a colleague, HR, a supplier or anyone else the person might come into contact with, the phishing link or attachment will ask the user to enter their login details to 'verify' their identify. If the email address and password are entered into these pages designed to look like a Microsoft login site, the attackers are able to steal them. Stolen credentials can be used to gain further access to the compromised network, or they can be sold on to other cyber criminals on dark web marketplaces.