In 2026, Microsoft is once again in a top spot — but not on a list that the company would want to land on. Once again, the software giant is listed as a top brand used in phishing attacks by scammers.
This makes it the second year in a row for Microsoft, even though last year’s results came from Check Point researchers, while this year’s list was published by Guardio Labs. Previously, Guardio had Facebook in the No. 1 spot, with the social media site finishing second behind Microsoft this time around; Roblox takes third place, and you'll find the top 10 below.
Guardio researchers found that the phishing activity surged heavily at the end of 2025 — unsurprisingly, as attackers often choose times when people are most distracted or overwhelmed. Phishing is a technique that relies on victims to be busy, unaware and to rely on brand trust. The end of the year is when people are often online for more hours, shopping, renewing subscriptions and performing business tasks like end-of-the-year reviews. This extends even into January, when people are more likely to begin job hunting.
“Scams now arrive at the exact moments when consumers interact most frequently with the brands being impersonated, turning routine digital tasks into vulnerability windows.”
— Guardio Labs
Microsoft makes for a particularly attractive target, as it offers a vast ecosystem of software: email, cloud storage, enterprise services and more. That means attackers have a wide array of ways to reach victims. Worse still, it means that once attackers have compromised one account they’ll have access to the whole suite and all the other files, systems, email and cloud accounts tied to it.
AI has also assisted hackers in making increasingly convincing fake login pages, phony security alerts and malicious billing notices that are nearly indistinguishable from the legitimate ones sent by Microsoft and other companies. Phishing kits also have grown more useful — not only do they offer malware services capable of stealing passwords, but they now can also take session cookies and multi-factor authentication tokens as well.
Guardio researchers raised concerns about the addition of Roblox to the list of phishing attacks. With the game already suffering so many security related issues, youth-targeted fraud is just another problem on the list.
Younger players are much less savvy about security and phishing attempts that promise free in-game currency and exclusive items or that send fake suspension warnings are more likely to get clicked on by teenagers or kids who cannot tell a scam attempt from a legitimate communication.
Ten most impersonated companies in phishing attacks in 2025
- Microsoft
- Roblox
- McAfee
- Steam
- AT&T
- Amazon
- Yahoo
- Coinbase
How to stay safe from phishing attacks
Here are the phishing rules that we live by: don’t trust any email you receive that says there’s an issue with your account. Watch out for phishing lures — if an email is trying to instill a sense of urgency or pressure you to do something like resetting a password or “fixing” a problem with an account.
Always find an independent way to log in to verify a potential problem, like going directly to the web address in your browser to check your account or messages. If you receive something suspicious in text or email, search the phone numbers and email addresses to verify the contact information. You should also hover over links to see where they redirect to as well.
Never click on or download anything that appears in an unexpected email, and don’t respond either, as doing so shows scammers that they’re interacting with an active phone number or email account. Additionally, make sure that you enable two-factor authentication (2FA) to add an extra layer of security for your online accounts to prevent scammers from accessing them if they do manage to steal your credentials.
Of course, you'll also want to protect all your devices with one of the best antivirus programs on your computer, tablet and smartphone. You also want to make sure that you're familiar with all of its features that can help you stay safe online like a VPN or a hardened browser.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
