Receiving an email from a well-known brand such as UPS, Apple, or Uber may seem harmless at first glance, but even if the message looks trustworthy - it could be a spoof! Cybercriminals often design phishing emails disguised as reputable companies to engage users in click-bait behavior. Many times a brand knock-off email includes panic language which creates a sense of urgency, so users will click a link before they stop and think about the possible threats. Let’s dive into our top three most clicked phishing templates! Below we will learn more about brand knock-offs and identify how these three templates are convincing users to take the bait.
What are brand knock-offs?
A phishing attempt known as a brand knock-off is a very common strategy that results in high click-rates. By using a branded email appearing to be sent from a familiar company, hackers manipulate user curiosity enough for them to act on something within the email. These phishing attempts are relying on targets to click a link that sends them to a malicious website intended to steal login credentials, financial information, or personal data. Brand knock-offs can look very realistic, oftentimes copied from legitimate communications sent by the company. Although more challenging to spot the spoof, users can still apply the basic best practices to outsmart this phishing method. Read below to take a deeper look at each brand knock-off email template.
1. UPS - Estimated Delivery
You have a package coming! But wait, do you? It may be normal for you to receive these emails from UPS when you are expecting a package, so it’s easy to get excited about what’s arriving at your door and when. This type of email tests users’ curiosity with a personal delivery update using a standard UPS template that looks familiar and trusting. Especially during the seasons of gifting, package notification emails will receive high click-rates so this template is great to test users with an example of a brand knock-off email influenced by a holiday or time of the year.
2. Apple - Apple Support
Everyone has an Apple device these days, right? Well, for those who do not may also fall victim to this brand knock-off. Curiosity comes into play with this template as well because whether you have an Apple ID or not, you might want to get to the bottom of who contacted Apple with your name and email address. As simple as this message looks, the brand logos can be enough to convince users that it is important for them to click on the case number link.
3. Uber - New Device Sign In
Reporting a login that wasn’t you seems like the right thing to do in the moment, but that’s how you get hooked! Feelings of uncertainty usually overshadow sound judgment with emails like this since hackers often use urgency to create panic and impulsive behavior. This template tests users on emotional response and helps them understand why it’s always best practice to stop and think before you click!
So is it safe or a spoof? Your users will be put to the test with these most-clicked brand knock-off templates. Thank you for watching our video! Be sure to visit our Hook Labs blog site for more phishing education and resources on our content library!