{"id":9196,"date":"2023-06-27T17:16:36","date_gmt":"2023-06-27T11:46:36","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=9196"},"modified":"2024-08-13T11:30:03","modified_gmt":"2024-08-13T06:00:03","slug":"microsoft-impersonation","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/","title":{"rendered":"How has Microsoft Impersonation Become a Major Concern for CISOs?"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Cyberattacks are becoming increasingly sophisticated and email impersonation is one of the most common forms of phishing attack. Cybercriminals are always looking for new ways to infiltrate big networks and steal sensitive information.&nbsp; Brands are frequently imitated in a variety of services, including illegal streaming sites, retail websites, social media, finance, and more. <\/span><b>Microsoft, a reputed IT company, topped the list of hackers&#8217; favorite impersonation brands in 2022<\/b><span style=\"font-weight: 400;\">. And Microsoft impersonation is a major concern for CISOs (Chief Information Security Officers) around the world.<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Why_is_Microsoft_a_Hackers_Favorite_Brand_to_Impersonate\" >Why is Microsoft a Hacker&#8217;s Favorite Brand to Impersonate?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#How_do_Threat_Actors_Implement_the_Email_Phishing_Attacks\" >How do Threat Actors Implement the Email Phishing Attacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Methods_Used_by_Attackers_to_Impersonate_Microsoft\" >Methods Used by Attackers to Impersonate Microsoft&nbsp;<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Hackers_Abused_Microsofts_%E2%80%9CVerified_Publisher%E2%80%9D_OAuth_App\" >Hackers Abused Microsoft&#8217;s &#8220;Verified Publisher&#8221; OAuth App<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Consent_Phishing\" >Consent Phishing<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Microsoft_Bing_and_Cortana_Source_Codes_Compromised\" >Microsoft Bing and Cortana Source Codes Compromised<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Why_is_Microsoft_Impersonation_a_Major_Concern_for_CISOs\" >Why is Microsoft Impersonation a Major Concern for CISOs?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Prevalence_of_Microsoft_Products\" >Prevalence of Microsoft Products<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Phishing_and_Social_Engineering_Attacks\" >Phishing and Social Engineering Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Business_Email_Compromise_BEC\" >Business Email Compromise (BEC)<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Will_Human-Centric_Cybersecurity_Help\" >Will Human-Centric Cybersecurity Help?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Actions_CISOs_Can_Take_to_Implement_People_Security_Management\" >Actions CISOs Can Take to Implement People Security Management<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Educate_Partners_Customers_and_Employees\" >Educate Partners, Customers, and Employees<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Regular_cyber_training_for_employees\" >Regular cyber training for employees<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Consider_BYOD_policy\" >Consider BYOD policy<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#Restricted_data_access\" >Restricted data access<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#FAQs_Microsoft_Impersonation_Attack\" >FAQs: Microsoft Impersonation Attack<\/a><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Microsoft, Meta, Yahoo, and PayPal are among the most impersonated brands by hackers. According to a report by a cybersecurity organization, <\/span><b>Microsoft edged out Facebook for the top spot among the 25 businesses that phishers most frequently impersonated <\/b><span style=\"font-weight: 400;\">in the first half of 2022, with a total of 11,041 distinct phishing URLs. The Indian Express reported in 2021 that 36.6% of phishing attacks were orchestrated by impersonating the product pages of Microsoft.<\/span><\/span><\/p>\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Why_is_Microsoft_a_Hackers_Favorite_Brand_to_Impersonate\"><\/span><span style=\"color: #000000;\"><b>Why is Microsoft a Hacker&#8217;s Favorite Brand to Impersonate?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1512\" height=\"1279\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Why-is-Microsoft-favorite-brand-for-impersonation-attack.jpg\" alt=\"Why is Microsoft favorite brand for impersonation attack\" class=\"wp-image-9569\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><strong><span style=\"color: #000000;\">Microsoft and Google top the list of most impersonated brands with 42,226 phishing pages, surpassing all combined cloud brands at 38,893. <\/span><\/strong><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Today <\/span><b>70% of businesses universally depend on Microsoft\u2019s cloud services <\/b><span style=\"font-weight: 400;\">which makes it a lucrative target for impersonation to steal exclusive data from Microsoft 365 applications. Intruding into a Microsoft 365 account also enables hackers to carry out inside attacks. The attacks include, malware distribution, ransomware attacks, and user manipulation for business email compromise.<\/span><\/span><br><span style=\"color: #000000;\"><\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Hackers pose as Microsoft by making false login pages, phishing emails, and social engineering assaults, hackers pose as Microsoft. These attacks can infect the victim&#8217;s system with malware or steal sensitive data like login passwords.\u00a0Microsoft 365 is the #1 most popular productivity suite in the world. With more than 240 million corporate members, Microsoft&#8217;s hugely successful 365 platforms have made the company an appealing target, leading to a <\/span><b>266% quarter-over-quarter increase in phishing attempts impersonating the company this year.<\/b><span style=\"font-weight: 400;\"> According to the report, productivity suites have grown to be a desirable target for phishers. As it provides additional chances to take advantage of users both before and after a first intrusion.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Read More<\/b><span style=\"font-weight: 400;\">&#8211; <\/span><em><strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/email-impersonation-attack\/\">Email Impersonation Attack are on the Rise<\/a><\/span><\/strong><\/em><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_do_Threat_Actors_Implement_the_Email_Phishing_Attacks\"><\/span><span style=\"color: #000000;\"><b>How do Threat Actors Implement the Email Phishing Attacks?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><a style=\"color: #000000;\" href=\"https:\/\/threatcop.com\/blog\/impersonation-attacks\/\"><span style=\"font-weight: 400;\">Phishing emails mimic authenticity<\/span><\/a><span style=\"font-weight: 400;\"> but are designed to extract personal information or money, posing a major global concern for individuals and businesses. Phishers will create malicious domain names claiming that they belong to these well-known trusted brands to hack your data. The <\/span><b>sender will be tagged as unverified to alert the recipient that the sender might not be who they seem to be if the message is suspicious but not malicious.<\/b><span style=\"font-weight: 400;\">&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">\u201cHackers play on our faith to carry out phishing attacks as they target the companies we use every day. It is becoming harder for even the most technologically adept individual to recognize. Our bank accounts, passwords, and sanity shouldn&#8217;t be jeopardized because <\/span><b>we overlooked the &#8216;from&#8217; field or unintentionally clicked on a tricky URL<\/b><span style=\"font-weight: 400;\">,\u201d according to Matthew Prince, co-founder and CEO of Cloudflare.<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9198 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"625\" height=\"427\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/A-phishing-Email-Impersonating-Microsofts-Outlook-from-Simulation-Campaign-by-Threatcop.png\" alt=\"An example of phishing Email Impersonating Microsoft's Outlook (exclusively developed by Threatcop) \" class=\"wp-image-9198\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">A phishing Email Impersonating Microsoft&#8217;s Outlook from Simulation Campaign by Threatcop<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Phishing attacks are carried out by threat actors against businesses that store a lot of sensitive customer data. Cybercriminals search for potential victims by sending out emails and setting up phony websites using social engineering techniques. <\/span><b><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/phishing-attacks\/\">Phishing attacks<\/a><\/span> against the retail and wholesale sector increased by 436% in 2021 compared to 2020<\/b><span style=\"font-weight: 400;\">. As the pandemic drove increased online shopping, threat actors capitalized on the opportunity. As the pandemic drove increased online shopping, threat actors capitalized on the opportunity. However, it is the consumer confidence and brand reputation that suffer the most when retailers are targeted by phishing attempts.<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Methods_Used_by_Attackers_to_Impersonate_Microsoft\"><\/span><span style=\"color: #000000;\"><b>Methods Used by Attackers to Impersonate Microsoft&nbsp;<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Hackers_Abused_Microsofts_%E2%80%9CVerified_Publisher%E2%80%9D_OAuth_App\"><\/span><span style=\"color: #000000;\"><b>Hackers Abused Microsoft&#8217;s &#8220;Verified Publisher&#8221; OAuth App<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Last year, through the Microsoft Cloud Partner Programme (MCPP), commonly known as the Microsoft Partner Network (MPN), a collection of threat actors <\/span><b>successfully attained &#8220;verified publisher&#8221; status<\/b><span style=\"font-weight: 400;\">. According to Microsoft, the attackers registered fake versions of apps with <\/span><b>plausible names like &#8220;Single Sign On (SSO)&#8221; and &#8220;Meeting&#8221; that were disguised with convincing visual cues like Zoom&#8217;s older video symbol and Zoom-like URLs. <\/b><span style=\"font-weight: 400;\">In order to join the MCCP, the attackers first pretended to be legal businesses. Then they used these identities to add a verified publisher to \u201c<\/span><b>OAuth app registrations<\/b><span style=\"font-weight: 400;\">\u201d that they had made in Azure Active Directory (AD).&nbsp;<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9200\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"525\" height=\"558\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Source-Bleeping-computer.jpg\" alt=\"Hackers pretended as a legal business to requested permission from Publisher App\" class=\"wp-image-9200\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">(Source:Bleeping Computer)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">To become a <\/span><b>&#8220;verified publisher,&#8221; the software publisher must confirm their identity using their Microsoft Partner Network (MPN) <\/b><span style=\"font-weight: 400;\">account and link it to their app registration. According to Microsoft&#8217;s guidelines, a <\/span><b>blue verified badge is displayed on the Azure AD consent prompt <\/b><span style=\"font-weight: 400;\">and other web pages once the app publisher&#8217;s verification is complete. It&#8217;s important to note that Microsoft refers to third-party OAuth apps created by external companies as &#8220;publishers.&#8221;<\/span><\/span><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Consent_Phishing\"><\/span><span style=\"color: #000000;\"><b>Consent Phishing<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Microsoft calls it &#8220;<\/span><b>consent phishing&#8221; as attackers trick users into granting access to fake apps<\/b><span style=\"font-weight: 400;\">, potentially compromising sensitive data for an extended period. In consent phishing, users unknowingly grant permissions to malicious cloud apps, allowing access to their data and legitimate cloud services. <\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>The attackers specifically targeted managers, executives, as well as marketing and finance staff u<\/b><span style=\"font-weight: 400;\">sing deceptive software solutions. Through malicious software, the fake solutions partners targeted managers and executives as well as staff in marketing and finance. <\/span><b>Users who click on the fake badge put themselves at risk of data exfiltration, and brand impersonation for their companies.<\/b><\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9201\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1114\" height=\"1500\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Source-Microsoft_1.jpg\" alt=\"Microsoft learned that threat actors had exploited the permission to exfiltrate mailboxes\" class=\"wp-image-9201\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">(Source: Microsoft)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The manufacturer of Windows claimed that on December 15, 2022, it learned about the threat. The <\/span><b>impacted customers were subsequently notified through email<\/b><span style=\"font-weight: 400;\">, and the business noted that the <\/span><b>threat actors had exploited the permission to exfiltrate mailboxes.<\/b><span style=\"font-weight: 400;\"> On December 6, <\/span><b>Proofpoint discovered the fraudulent third-party OAuth apps<\/b><span style=\"font-weight: 400;\">, and on December 20, it notified Microsoft. It mentioned that the phishing effort was over on December 27. On December 15, <\/span><b>Microsoft learned about the consent-phishing campaign.<\/b> <b>Microsoft says that the hackers targeted&nbsp; UK and Ireland-based customers.<\/b><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Microsoft has bolstered security measures for the Microsoft Cloud Partner Program to enhance vetting processes and mitigate future fraud. They have taken ownership of the fraudulent apps and alerted impacted customers. The <strong>h<\/strong><\/span><b>ackers employed remarkable sophistication to evade Microsoft&#8217;s security mechanisms, making this phishing attack exceptionally well-executed<\/b><span style=\"font-weight: 400;\">.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">&nbsp;<\/span><b>Also Read:<\/b><em><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/how-to-implement-dmarc\/\"> <b>Implement DMARC to Ensure Email Security<\/b><\/a><\/span><\/em><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Microsoft_Bing_and_Cortana_Source_Codes_Compromised\"><\/span><span style=\"color: #000000;\"><b>Microsoft Bing and Cortana Source Codes Compromised<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">In March 2023, a group of <\/span><b>threat actors known as &#8220;Lapsus$<\/b><span style=\"font-weight: 400;\">&#8220;- which is also labeled as a &#8220;large-scale social engineering and extortion campaign&#8221; by Microsoft had carried out a data breach and <strong>obtained a file containing partial source code from Bing, Bing Maps and Cortana.<\/strong> The software giant revealed that a breach occurred in an employee&#8217;s account, leading to the theft of the company&#8217;s source code.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The notorious group of hackers released its most recent update, which included uploading a <\/span><b>9GB archive containing the source code for 250 Microsoft projects<\/b><span style=\"font-weight: 400;\">. The organization asserts ownership of 45% of the source codes for Bing Maps. Whereas, Cortana and 90% of the source codes for Bing itself. <strong>The complete collection of stolen information consisted of 37GB of Microsoft source code<\/strong>, with the mentioned portion being just a fraction.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The company confirmed viewing the source code does not lead to an elevation of risk. <\/span><b>The hackers had \u201climited access\u201d to the source code as they had control of a single account<\/b><span style=\"font-weight: 400;\"> and just after this, the cybersecurity team responded quickly to prevent further activities. Microsoft provided the <strong>Lapsus$ group\u2019s tactics, techniques, and procedures observed by its Threat Intelligence Center, known as MSTIC.<\/strong><\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image size-full wp-image-9202\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"680\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Screenshot-of-Microsoft_s-Azure-DevOps-account-leaked-by-Lapsus_.-Source-Bleeping-Computer_1.jpg\" alt=\"Screenshot of Microsoft's Azure DevOps account leaked by Lapsus$. \" class=\"wp-image-9202\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">Screenshot of Microsoft&#8217;s Azure DevOps account leaked by Lapsus$. (Source: Bleeping Computer)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>MSTIC has observed multiple attacks and reported that these attacks targeted organizations in South America and the U.K.<\/b><span style=\"font-weight: 400;\"> Lapsus$ has its new global targets, including governments and companies in the technology, telecom, media, retail, and healthcare sectors. The hacker organization LAPSUS$ is unusual.&nbsp;<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image size-full wp-image-9203\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"957\" height=\"474\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Leaked-Source-Code-Projects-Source-Bleeping-Computer.jpg\" alt=\"Leaked Source Code Projects \" class=\"wp-image-9203\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">Leaked Source Code Projects (Source: Bleeping Computer)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Why_is_Microsoft_Impersonation_a_Major_Concern_for_CISOs\"><\/span><span style=\"color: #000000;\"><b>Why is Microsoft Impersonation a Major Concern for CISOs?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">CISOs worldwide express significant concern about Microsoft impersonation, given that many organizations utilize its email and cloud services. Which makes it a potential target for sophisticated cyberattacks and enables unauthorized access to sensitive information.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Prevalence_of_Microsoft_Products\"><\/span><span style=\"color: #000000;\"><b>Prevalence of Microsoft Products<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\"> Microsoft&#8217;s software and services, such as Windows operating systems, Office Suite, and cloud-based solutions like Azure and Office 365, are widely adopted by individuals and organizations worldwide. This ubiquity makes Microsoft an attractive target for cybercriminals seeking to exploit its brand recognition and trusted reputation.<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9204\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1363\" height=\"1000\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Source-Security-Affairs.jpg\" alt=\"An example of Microsoft impersonation\" class=\"wp-image-9204\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">(Source: Security Affairs)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Phishing_and_Social_Engineering_Attacks\"><\/span><span style=\"color: #000000;\"><b>Phishing and Social Engineering Attacks<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Microsoft impersonation often involves phishing attacks that trick users into divulging their login credentials or installing malicious software. Cybercriminals may impersonate Microsoft emails, websites, or login prompts to deceive users into providing sensitive information.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Business_Email_Compromise_BEC\"><\/span><span style=\"color: #000000;\"><b>Business Email Compromise (BEC)<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Adversaries frequently leverage Microsoft impersonation in BEC attacks, posing as high-ranking executives or trusted partners. By spoofing Microsoft email addresses, attackers deceive employees into initiating fraudulent wire transfers, sharing confidential data, or compromising internal systems.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong><span style=\"color: #000000;\">Read More:<\/span> <em><span style=\"color: #183994;\">Top Real-life Examples of BEC Attacks<\/span><\/em><\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Will_Human-Centric_Cybersecurity_Help\"><\/span><span style=\"color: #000000;\"><b>Will Human-Centric Cybersecurity Help?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Do you have enough confidence in your employees\u2019 intellect that they can safeguard your business from such breaches? Or maybe the right question would be have you empowered them enough? Let&#8217;s see what the latest data disclosed about both the stakeholder. According to the &#8220;<\/span><b>2022 State of Email Security Report&#8221; by Mimecast, 90% of businesses had been the target of impersonation attacks in the preceding year.<\/b><span style=\"font-weight: 400;\"> The number of new domains suspected of imitating popular brands increased by 366%.<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9205 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"431\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/Source-HelpNet-Security.png\" alt=\"How Phishing attack takes place\" class=\"wp-image-9205\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">(Source: HelpNet Security)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Additionally, the Mimecast &#8220;2021 State of Brand Protection Report&#8221; discovered that <\/span><b>impersonation attempts for the \u201cBrandZ Top 100 Most Valuable Global Brands 2020\u201d list brands have increased by 381%<\/b><span style=\"font-weight: 400;\"> during the months of May and June 2020 in comparison to the months prior to the pandemic.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">According to Gartner&#8217;s latest report, <strong>90% of employees knowingly engage in unsecured actions that compromise company security and privacy.<\/strong> And following this, the Gartner report also <\/span><b>mentioned that 50% percent of CISOs globally will adopt the human-centric design to reduce cybersecurity operational activities<\/b><span style=\"font-weight: 400;\">. Large enterprises will focus on implementing zero-trust programs.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">A report named <\/span><b>Cyberthreat Defense also cited that low-security awareness among employees is the most significant weak point of these impersonation attacks. <\/b><span style=\"font-weight: 400;\">CISOs are concerned about these factors and shifting their focus to <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/#:~:text=People%20Security%20Management%20Strengthening%20the%20Weakest%20Link%20in%20Cybersecurity\">People Security Management.<\/a><\/strong><\/span> People Security Management focuses on individuals, not technology or threats, to minimize friction and improve control implementation.<\/span><\/span><\/p>\n\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Actions_CISOs_Can_Take_to_Implement_People_Security_Management\"><\/span><span style=\"color: #000000;\"><b>Actions CISOs Can Take to Implement People Security Management<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">CEOs should actively seek information and participate in building a strategic risk framework, aligning cybersecurity with business demands. They should also ensure routine evaluation of cybersecurity issues, IT strategies, and cloud services. The following are the top security measures a CEO should take:<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Educate_Partners_Customers_and_Employees\"><\/span><span style=\"color: #000000;\"><b>Educate Partners, Customers, and Employees<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Regular consumer education reduces brand impersonation scams by distinguishing between fake and genuine articles. Which lowers the likelihood of falling for popular scams. <\/span><span style=\"font-weight: 400; color: #000000;\">Make cyber security training for all staff a requirement<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Regular_cyber_training_for_employees\"><\/span><span style=\"color: #000000;\"><b>Regular cyber training for employees<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Training ensures that each employee is aware of the company-specific cybersecurity risks. The purpose of these sessions is to clearly outline staff roles and responsibilities in preventing threats and breaches and responding to them. <\/span><span style=\"font-weight: 400; color: #000000;\">By teaching your team about cyber security issues and their roles and responsibilities in protecting networks, systems, and IT assets, you may lower the risk to your business. <span style=\"font-weight: 400;\">To create awareness, You can use tools like <strong>Threatcop Security Awareness Training<\/strong> (<span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">TSAT<\/a><\/strong><\/span>). This will make your employees resistant to social engineering attacks.<\/span><br \/><\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Consider_BYOD_policy\"><\/span><span style=\"color: #000000;\"><b>Consider BYOD policy<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\"><strong>BYOD (bring your own device)<\/strong> is a policy that allows employees to use their personally owned devices. It is not a bad practice but there must be safeguards in place. You can restrict your employees from accessing exclusive data from their personal devices.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Mobile devices are vulnerable to hacking, with a study revealing that around <\/span><b>50% of IT executives reported significant financial losses, exceeding $250,000, due to security incidents <\/b><span style=\"font-weight: 400;\">involving personal mobile devices. Nonetheless, there are security measures you can adopt to safeguard mobile apps against threats. <\/span><b>Mobile app security testing tools (MAST) play a crucial role in enhancing app security <\/b><span style=\"font-weight: 400;\">by conducting testing and detecting potential vulnerabilities.\u00a0<\/span><\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Restricted_data_access\"><\/span><span style=\"color: #000000;\"><b>Restricted data access<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Your organization should provide cybersecurity education to every employee. However, not every employee should have access to all of the data gathered. For this reason, the CEO must ensure the arrangement of every piece of data gathered from clients.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Limited data on client information promotes responsibility and reduces the possibility of data breaches on by human error or carelessness. Using password protection for various employee hierarchies is one technique to restrict access. Moreover, the adoption of two-factor authentication reduces the likelihood of unauthorized individuals using compromised passwords to access data.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">As a CISO, you\u2019re the gatekeeper of the company\u2019s exclusive information. Given the ubiquity and sophistication of cyberattacks, it is imperative to be cautious and proactive in defending against such threats.\u00a0You may reduce the dangers connected with Microsoft impersonation and fortify your organization&#8217;s defenses by implementing a thorough cybersecurity strategy. Are you doing everything you can to prevent your company from becoming the next victim of a cyberattack?<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"FAQs_Microsoft_Impersonation_Attack\"><\/span><strong><span style=\"color: #000000;\">FAQs: Microsoft Impersonation Attack<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1687757480460\"><strong class=\"schema-faq-question\">What is an example of brand impersonation?<\/strong> <p class=\"schema-faq-answer\">Brand Impersonation is a phishing tactic by hackers wherein they pretend to be a legitimate website to win the trust of the target. You saw those emails in your junk mail box where the sender ask you to click a link? The idea behind it is to get you to click the URL and give sensitive information by logging in along with your username and password.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1687759084333\"><strong class=\"schema-faq-question\">What is the impersonation technique?<\/strong> <p class=\"schema-faq-answer\">Threat actors use look-alike or cousin domains with near-identical names, but with minor differences to confuse the target. This technique is often used to trick users into thinking they are legit.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1687759099313\"><strong class=\"schema-faq-question\">What is an email Impersonation?<\/strong> <p class=\"schema-faq-answer\">The goal of an email impersonation attack, a sort of phishing assault, is to fool the receiver into clicking a malicious link or attachment by pretending to be a legitimate sender. Obtaining the account and password to access the restricted data is the goal. For instance, the username for &#8220;bill.gates@microsoft.com&#8221; is &#8220;bill. gates&#8221;. Although username impersonation is the least complex type of email impersonation, it nevertheless has the potential to fool an unwary victim.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1687759129945\"><strong class=\"schema-faq-question\">What is an impersonation of social engineering techniques?<\/strong> <p class=\"schema-faq-answer\">Impersonation is one of several social engineering tools used to gain access to a system or network in order to commit fraud, industrial espionage, or identity theft. Impersonation is a form of social engineering because it uses psychological manipulations to make people do a security mistake by clicking on a link.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1687759163991\"><strong class=\"schema-faq-question\">How does an impersonation attack work?<\/strong> <p class=\"schema-faq-answer\">Impersonation attacks are a type of cyber attack where the attacker tries to deceive a targeted individual by posing as someone else, usually through email. These attacks don&#8217;t rely on malware but rather exploit social engineering techniques to gain the victim&#8217;s trust.\u00a0<br\/>The main targets of impersonation attacks are employees who have the authority to initiate financial transactions or access sensitive data. The employee receives an urgent email that seems to be from a trusted source demanding immediate action such as wiring money to a specific account or sharing confidential information.<\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cyberattacks are becoming increasingly sophisticated and email impersonation is one of the most common forms of phishing attack. Cybercriminals are always looking for new ways to infiltrate big networks and steal sensitive information.&nbsp; Brands are frequently imitated in a variety of services, including illegal streaming sites, retail websites, social media, finance, and more. Microsoft, a [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":9235,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,43],"tags":[],"class_list":["post-9196","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attacks","category-social-engineering"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How Microsoft Impersonation Become a Major Concern for CISOs?<\/title>\n<meta name=\"description\" content=\"Microsoft topped the list of hackers&#039; favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Microsoft Impersonation Become a Major Concern for CISOs?\" \/>\n<meta property=\"og:description\" content=\"Microsoft topped the list of hackers&#039; favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-27T11:46:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-13T06:00:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1250\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sanjana Kumari\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sanjana Kumari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"14 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/\"},\"author\":{\"name\":\"Sanjana Kumari\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/2703154c3efcd8ecca1e4683c696888d\"},\"headline\":\"How has Microsoft Impersonation Become a Major Concern for CISOs?\",\"datePublished\":\"2023-06-27T11:46:36+00:00\",\"dateModified\":\"2024-08-13T06:00:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/\"},\"wordCount\":2516,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg\",\"articleSection\":[\"Cyber Attacks\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#respond\"]}]},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/\",\"name\":\"How Microsoft Impersonation Become a Major Concern for CISOs?\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg\",\"datePublished\":\"2023-06-27T11:46:36+00:00\",\"dateModified\":\"2024-08-13T06:00:03+00:00\",\"description\":\"Microsoft topped the list of hackers' favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687757480460\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759084333\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759099313\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759129945\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759163991\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg\",\"width\":1250,\"height\":1200,\"caption\":\"Microsoft Brand Impersonation\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How has Microsoft Impersonation Become a Major Concern for CISOs?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/2703154c3efcd8ecca1e4683c696888d\",\"name\":\"Sanjana Kumari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_4_1696400016.png\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_4_1696400016.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_4_1696400016.png\",\"caption\":\"Sanjana Kumari\"},\"description\":\"Security Compliance Executive Department: Compliance, Threatcop Sanjana is a Security Compliance Executive working on best-of-the-industry-level compliances relevant from a cybersecurity perspective, their implementation, learning and outcomes in various business domains.\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687757480460\",\"position\":1,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687757480460\",\"name\":\"What is an example of brand impersonation?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Brand Impersonation is a phishing tactic by hackers wherein they pretend to be a legitimate website to win the trust of the target. You saw those emails in your junk mail box where the sender ask you to click a link? The idea behind it is to get you to click the URL and give sensitive information by logging in along with your username and password.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759084333\",\"position\":2,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759084333\",\"name\":\"What is the impersonation technique?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Threat actors use look-alike or cousin domains with near-identical names, but with minor differences to confuse the target. This technique is often used to trick users into thinking they are legit.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759099313\",\"position\":3,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759099313\",\"name\":\"What is an email Impersonation?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The goal of an email impersonation attack, a sort of phishing assault, is to fool the receiver into clicking a malicious link or attachment by pretending to be a legitimate sender. Obtaining the account and password to access the restricted data is the goal. For instance, the username for \\\"bill.gates@microsoft.com\\\" is \\\"bill. gates\\\". Although username impersonation is the least complex type of email impersonation, it nevertheless has the potential to fool an unwary victim.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759129945\",\"position\":4,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759129945\",\"name\":\"What is an impersonation of social engineering techniques?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Impersonation is one of several social engineering tools used to gain access to a system or network in order to commit fraud, industrial espionage, or identity theft. Impersonation is a form of social engineering because it uses psychological manipulations to make people do a security mistake by clicking on a link.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759163991\",\"position\":5,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/microsoft-impersonation\\\/#faq-question-1687759163991\",\"name\":\"How does an impersonation attack work?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Impersonation attacks are a type of cyber attack where the attacker tries to deceive a targeted individual by posing as someone else, usually through email. These attacks don't rely on malware but rather exploit social engineering techniques to gain the victim's trust.\u00a0<br\\\/>The main targets of impersonation attacks are employees who have the authority to initiate financial transactions or access sensitive data. The employee receives an urgent email that seems to be from a trusted source demanding immediate action such as wiring money to a specific account or sharing confidential information.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How Microsoft Impersonation Become a Major Concern for CISOs?","description":"Microsoft topped the list of hackers' favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/","og_locale":"en_US","og_type":"article","og_title":"How Microsoft Impersonation Become a Major Concern for CISOs?","og_description":"Microsoft topped the list of hackers' favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.","og_url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2023-06-27T11:46:36+00:00","article_modified_time":"2024-08-13T06:00:03+00:00","og_image":[{"width":1250,"height":1200,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg","type":"image\/jpeg"}],"author":"Sanjana Kumari","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Sanjana Kumari","Est. reading time":"14 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/"},"author":{"name":"Sanjana Kumari","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/2703154c3efcd8ecca1e4683c696888d"},"headline":"How has Microsoft Impersonation Become a Major Concern for CISOs?","datePublished":"2023-06-27T11:46:36+00:00","dateModified":"2024-08-13T06:00:03+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/"},"wordCount":2516,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg","articleSection":["Cyber Attacks","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#respond"]}]},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/","url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/","name":"How Microsoft Impersonation Become a Major Concern for CISOs?","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg","datePublished":"2023-06-27T11:46:36+00:00","dateModified":"2024-08-13T06:00:03+00:00","description":"Microsoft topped the list of hackers' favorite impersonation brands in 2022. And Microsoft impersonation is a major concern for CISOs.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687757480460"},{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759084333"},{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759099313"},{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759129945"},{"@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759163991"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/microsoft-impersonation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/06\/4cff4c53-7c1b-459b-a200-9f41d77c3a90.jpg","width":1250,"height":1200,"caption":"Microsoft Brand Impersonation"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How has Microsoft Impersonation Become a Major Concern for CISOs?"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/2703154c3efcd8ecca1e4683c696888d","name":"Sanjana Kumari","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_4_1696400016.png","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_4_1696400016.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_4_1696400016.png","caption":"Sanjana Kumari"},"description":"Security Compliance Executive Department: Compliance, Threatcop Sanjana is a Security Compliance Executive working on best-of-the-industry-level compliances relevant from a cybersecurity perspective, their implementation, learning and outcomes in various business domains."},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687757480460","position":1,"url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687757480460","name":"What is an example of brand impersonation?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Brand Impersonation is a phishing tactic by hackers wherein they pretend to be a legitimate website to win the trust of the target. You saw those emails in your junk mail box where the sender ask you to click a link? The idea behind it is to get you to click the URL and give sensitive information by logging in along with your username and password.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759084333","position":2,"url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759084333","name":"What is the impersonation technique?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Threat actors use look-alike or cousin domains with near-identical names, but with minor differences to confuse the target. This technique is often used to trick users into thinking they are legit.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759099313","position":3,"url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759099313","name":"What is an email Impersonation?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"The goal of an email impersonation attack, a sort of phishing assault, is to fool the receiver into clicking a malicious link or attachment by pretending to be a legitimate sender. Obtaining the account and password to access the restricted data is the goal. For instance, the username for \"bill.gates@microsoft.com\" is \"bill. gates\". Although username impersonation is the least complex type of email impersonation, it nevertheless has the potential to fool an unwary victim.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759129945","position":4,"url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759129945","name":"What is an impersonation of social engineering techniques?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Impersonation is one of several social engineering tools used to gain access to a system or network in order to commit fraud, industrial espionage, or identity theft. Impersonation is a form of social engineering because it uses psychological manipulations to make people do a security mistake by clicking on a link.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759163991","position":5,"url":"https:\/\/threatcop.com\/blog\/microsoft-impersonation\/#faq-question-1687759163991","name":"How does an impersonation attack work?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Impersonation attacks are a type of cyber attack where the attacker tries to deceive a targeted individual by posing as someone else, usually through email. These attacks don't rely on malware but rather exploit social engineering techniques to gain the victim's trust.\u00a0<br\/>The main targets of impersonation attacks are employees who have the authority to initiate financial transactions or access sensitive data. The employee receives an urgent email that seems to be from a trusted source demanding immediate action such as wiring money to a specific account or sharing confidential information.","inLanguage":"en-US"},"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9196","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=9196"}],"version-history":[{"count":23,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9196\/revisions"}],"predecessor-version":[{"id":11688,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9196\/revisions\/11688"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/9235"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=9196"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=9196"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=9196"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}