Is that Microsoft email actually a phishing attack?
June 8, 2022
|
4
min read
Highlights
One of our most trusted brands has become the most imitated brand in phishing attacks, accounting for a whopping 29% in the second quarter of this year. Which brand is it, and how can you stay protected? Our latest blog has the details
You’re no stranger to the endless threats lurking in your email inbox. But have you ever considered that an email that seems to be from Microsoft could end up being your worst nightmare?
Microsoft, the tech giant we all know and trust, has become the most imitated brand when it comes to phishing attacks. That’s where cybervcriminals send you an email which contains a malicious link or file. They’re trying to steal your data.
And whilst Microsoft isn't to blame for this, you and your employees need to be on high alert for anything that seems suspicious.
During the second quarter of 2023, Microsoft soared to the top of brands imitated by criminals, accounting for 29% of brand phishing attempts.
This places it well ahead of Google in second place (19.5%) and Apple in third place (5.2%). These three tech titans account for more than half of the observed brand imitator attacks.
But what does this mean for your business?
Despite a clear surge in fake emails targeting millions of Windows and Microsoft 365 customers worldwide, careful observation can help protect you from identity theft and fraud attacks.
Whilst the most imitated brands change from quarter to quarter, usually cyber criminals are less likely to change their tactics.
They use legitimate-looking logos, colours, and fonts. Phishing scams frequently use domains or URLs that are similar to the real deal. But a careful scan of these and the content of any messages will often expose typos and errors – the tell-tale signs of a phishing attack.
One of the latest attacks claims there has been unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from login credentials to payment details.
And whilst tech firms continue to be popular scam subjects, many cyber criminals have turned to financial services like online banking, gift cards, and online shopping orders. Wells Fargo and Amazon both rounded up the top five during Q2 2023, accounting for 4.2% and 4% of brand phishing attempts respectively.
What can you do to protect your business?
The answer is simpler than you might think. The best course of action when it comes to phishing is to slow down, observe, and analyse. Could you check for discrepancies in URLs, domains, and message text?
If we can help please do get in touch!
Tell us about yourself so we can serve you best.
Got a question?
More articles
.png)
This special edition of our Leading London series brings together the partners behind the rollout of the City of London Corporation’s new unified network, a major upgrade designed to strengthen public services and improve connectivity across the Square Mile and beyond.
The panel included:
- Sam Collins, Assistant Director of Digital and Data, City of London Corporation
- Chelsea Chamberlin, Chief Technology Officer, Roc Technologies
- Scott McKinnon, Chief Security Officer, Palo Alto Networks
- Rhod Morgan, Chief Operations Officer, Vorboss
- Elliot Townsend, Senior Director, Juniper Networks
- Christa Elizabeth Norton, Marketing Director, Roc Technologies
Together, they explored how the new network will improve public services, strengthen cyber resilience and support a more connected, future-ready City.
For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.
In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.
At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.
What is a wayleave?
A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.
What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.
For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.
Why a wayleave isn’t required for standard in-building fibre connections
For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.
If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.
In practice, this gives landlords far more protection and flexibility:
- No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
- Landlords keep full control – equipment can be moved or removed when the building changes.
- Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
- Happier tenants – connections go live quicker; tenants get to move in faster.
By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.
.avif)
.avif)
