10 Spoofing Facts & Brand Impersonation Facts That Will Shock You

April 08, 2022

Spoofing and its corollary brand impersonation or brand fraud are cybercriminal favorites. It’s one of the oldest tricks in the book for a reason: it works. Employees are likely to approach messages from trusted brands that they interact with frequently like Microsoft or Amazon with less suspicion, making brand impersonation a powerful social engineering tool. Cybercriminals know that and exploit that fact constantly, hitting businesses with a constant cascade of branded phishing messages. Employees can have a very difficult time telling the difference between a real message and a fake, leading to major problems for their employers. These spoofing facts and brand impersonation facts can help you understand the danger that these cyberattacks present to every organization.


AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>


10 Spoofing Facts & Brand Impersonation Facts


  1. 25% of all branded emails that companies receive are spoofed or brand impersonation attempts.    
  2. Brand impersonation has risen by more than 360% since 2020
  3. 97% of employees cannot recognize sophisticated phishing threats. 
  4. 98% of cyberattacks contain one or more elements of social engineering like spoofing. 
  5. 98% of organizations received a threat from a supplier domain in 2021.
  6. One-quarter of all email phishing attacks in Q4 2021 spoofed UPS or DHL 
  7. Brand fraud in 2021 was 15 times higher than in 2020 
  8. 1 in 3 employees is likely to click the links in phishing emails.     
  9. 45% of employees click emails they consider to be suspicious “just in case it’s important.”   
  10. 1 in 8 employees is likely to share information requested in a phishing email.  

Download our ” Can You Spot a Spoofed Email?” infographic to see common red flags! GET IT>>


See how to avoid cybercriminal sharks in Phishing 101. DOWNLOAD IT>>


The 10 Most Spoofed/Impersonated Brands


As these brand impersonation facts and spoofing facts show, cybercriminals had a big year in 2021, bringing fresh danger to employee inboxes. Employees encounter this threat frequently – Traditionally Microsoft holds the top spot. But DHL surpassed them at the end of 2021, accounting for almost a quarter of branded phishing attempts. However, Microsoft didn’t fall too far down the list. Microsoft came in at number two, the brand that cybercriminals mimicked for one-fifth of phishing schemes. Communication juggernaut WhatsApp came in third with Google just on its heels. LinkedIn is still a cybercriminal go-to, but Facebook (now going by Meta) dropped out of the top 10.   

  1. DHL 23%  
  2. Microsoft 20%  
  3. WhatsApp 11%  
  4. Google 10%  
  5. LinkedIn  8%  
  6. Amazon  4%  
  7. Roblox  3%  
  8. FedEx  3%  
  9. PayPal  2%  
  10. Apple  2%  

Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>


Spoofing Facts & Brand Impersonation Facts Show the Scope of the Danger That Businesses Face


Microsoft dropping to second place doesn’t reduce the danger of Microsoft-branded phishing for businesses. Approximately 145 million people use Teams/Office 365 every day. That’s a big reason why Microsoft is the perennial champion of brands that are imitated for attachments. Employees handle a lot of Office files. Just under 50% of malicious email attachments arrive in Microsoft Office formats. Microsoft Office formats like Word, PowerPoint and Excel are popular file extensions for cybercriminals to use when transmitting malware via email, accounting for 38% of phishing attacks. The next most popular delivery method: archived files such as .zip and .jar, which account for about 37% of malicious transmissions.   

Stealing a company’s brand reputation is just like stealing its identity. Companies spend time and money building their brands and part of those efforts are spent establishing themselves as a trustworthy, upright organization that is both a good business partner and a quality company for customers to patronize. But cybercriminals love to profit from other people’s hard work. One way that they can capitalize on a company’s stellar brand reputation in the business world is to fraudulently contact companies that brand does business with or companies that are a logical partnership fit using fake social media accounts. Bad actors can use this method to gather information, obtain credentials and more that enable them to launch business email compromise schemes without ever sending an email. 


Learn how incident response planning boosts cyber resilience & security. GET THE EBOOK>>


Spoofing Facts & Brand Impersonation Facts About Social Media Fraud


Retailers are often especially plagued by social media phishing. Luxury retail brands are constantly battling misrepresentation on social media, and cybercriminals use those brands to fleece and phish unsuspecting victims every day. Cybercriminals are making an effort to quickly shift their operations to the current hot social media platform. Right now, that means they’re putting time and effort into defrauding TikTok users. Big-name retail brands like Gucci, Rolex and Louis Vuitton were among those most heavily targeted by counterfeiters on TikTok in 2021.   

Most Counterfeited Luxury Brands on TikTok  

In views of hashtagged brand impersonation/spoofed posts in 2021

  1. Gucci 13.6 million   
  2. Rolex 11.7 million 
  3. Louis Vuitton  2.08 million   
  4. Dior 282,700   
  5. Chanel  163,181 

See 10 reasons why Graphus is better than other email security solutions. SEE THE LIST>>


Red Flags That Could indicate Brand Impersonation & Spoofing


Caution when handling branded email can help reduce the chance of interacting with a phishing message. There are a few red flags that are tip-offs that a branded email may be spoofed or faked instead of a genuine message from that brand.   

A Strange or Highly Urgent Subject Line   

Subject lines that feature oddities like “Warning”, “Your funds has” or “Message is for a trusted” should set off alarm bells, especially if the subject line demands urgent action.   

Common Subject Lines for Brand Fraud Messages Aimed at Businesses  

  • Reset Password Required   
  • Update Payment Information  
  • Failed Delivery Attempt  
  • Immediate Action Required  
  • Account Security Alert 
  • Final Notice  
  • Overdue Invoice  
  • Pending Invoice  
  • Tracking Link Enclosed  
  • Pending Customs Fees  

An Improper or Unprofessional Greeting  

If the greeting seems strange, be suspicious. Is the greeting in a different style than you usually see from this sender? Is it generic when it is usually personalized, or vice versa? Anomalies in the greeting are red flags that a message may not be legitimate.   

A Message Sent from an Unofficial or Unusual Domain   

Check the sender’s domain by looking at the email address of the sender. A message from a major corporation is going to come from that company’s usual, official domain. For example, If a message carrying a security warning says it is from “Sender@microsoftsecurity.com instead of “Sender@microsoft.com”, it’s likely phishing.   

Odd Word Choices & Grammar   

This is a hallmark test for a phishing message. Check for grammatical errors, usage mistakes, data that doesn’t make sense, variances in the company name or address, strange word choices and problems with capitalization or punctuation. An error-filled message is probably phishing. 

Unusual Spelling Mistakes & Emojis  

Even major brands sometimes send out messages with spelling errors. But a message riddled with isn’t likely to be legitimate. This is fast way to suss out phishing. While some brands do use emojis in email subject lines, they’re rarely used in the body of a major branded email. View emojis with suspicion.  

Variations in Style or Choppiness

Fraudulent messages may have small variations in style from the company that they’re impersonating’s usual emails. Sometimes when bad actors spoof emails, they only replace some of the text. If a message is choppy or contains parts that don’t fit the rest, be wary. Beware of unusual fonts, colors that are just a little off, logos that are odd or formats that aren’t quite right. These are common indicators of a spoofed message.    

Strange Links  

Malicious links are a cybercriminal’s best friend and a common way that malware is distributed. Links that don’t go to the company that supposedly sent the message’s official domain or social media account are dangerous and could be attempts to phish or deploy ransomware

If It’s Too Good to Be True…  

Be cautious about interacting with messages from any celebrity or a company you’ve never done business with, especially if they seem tailor-made for your company. Messages from government agencies should also be handled with care. For example, the US federal government will never ask you for PII, payment card numbers or financial data through an email message.   


How safe is your email domain? Find out now with our domain checker. CHECK YOUR DOMAIN>>


Graphus Can’t Be Fooled 


An estimated 48% of businesses do not have effective security in place to ward off brand impersonation attacks.  One reason for that is that conventional security like a SEG or onboard security in Microsoft 365 or GSuite can’t get the job done. But AI-powered, automated email security can detect and stop sophisticated phishing messages like spoofing and brand impersonation 40% more effectively than conventional security – and automated email security from Graphus is affordable for every business.  

Schedule a demo today.  


Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus