The Federal Bureau of Investigation warned today of recently detected spear-phishing email campaigns targeting customers of “Brand-name companies” in attacks known as brand phishing.
In addition to these ongoing phishing attacks, threat actors are also likely developing tools to bait potential targets into revealing info for bypassing account protections two-factor authentication by intercepting emails and compromising accounts.
According to Check Point’s Brand Phishing Report for Q2 2021, the top five brands by their appearance in brand phishing attempts are Microsoft, DHL, Amazon, Bestbuy, and Google.
The FBI encouraged private sector partners to stay vigilant and evaluate their internal security policies and provide their consumers with info regarding account security protocols.
Do not store important documents or information in your email account.
Enable 2FA and/or multi-factor authentication options to help secure online accounts, such as a phone number, software-based authenticator programs/apps, USB security key, or a separate email account to receive authentication codes for account logins, password resets, or updates to sensitive account information.