There's a good chance that if you open your email inbox and check your spam messages, you'll see a phishing attempt centered around someone impersonating a company. Among all the phishing messages sitting in your spam folder (and potentially your normal inbox), you'll probably see one alleging to be from Microsoft.
According to Check Point, 22 percent of all brand phishing attempts in 2025 had an attacker imitating Microsoft.
It's easy to make a joke along the lines of, “Everyone is safe from those phishing attacks because they know there's no way in hell they use Copilot." But the reality is that phishing attacks often center around impersonating tech giants, and it's safe to assume they're effective, or attackers would swap away from that method.
People rely on companies like Microsoft, Google, Amazon, and Apple. The amount of data those companies have is alluring to bad actors. If someone were able to gain access to your main accounts, they could likely obtain personal information, financial details, and more.
One of the easiest ways for a malicious actor to gain access to your accounts is to trick you into entering your details.
"The continued dominance of Microsoft and Google reflects their central role in identity, productivity, and authentication workflows—making stolen credentials particularly valuable to attackers," said Check Point.
In the final months of last year, Check Point Research identified a campaign designed to trick Roblox users. The campaign utilized a malicious site with a "lookalike domain" with links that led to another site that looks almost identical to the official Roblox page.
Similar campaigns are used to mimic Netflix, Facebook, and other popular sites, including Microsoft.
Out of the top ten imitated brands, only one is not a tech company:
- Microsoft – 22%
- Google – 13%
- Amazon – 9%
- Apple – 8%
- Facebook (Meta) – 3%
- PayPal – 2%
- Adobe – 2%
- Booking – 2%
- DHL – 1%
- LinkedIn – 1%
Microsoft even gets a bonus percentage point since LinkedIn is owned by Microsoft.
Phishing attacks appear convincing and build on people's trust and familiarity with certain companies, according to Check Point. "Attackers increasingly rely on polished visuals, subtle domain manipulation, and multi-stage flows that closely mimic legitimate user experiences—often leaving victims unaware that their credentials have been stolen," said the cybersecurity company.
While some older advice, such as keeping an eye out for typos, is still a good idea, phishing scams have become more convincing over the years.
Here are some rules to help you reduce your risks:
- Do not click links marked as urgent or that emphasize they are "about to be deleted."
- Check the actual email address of the sender, not just their sender name.
- Use an authenticator app or some method of multi-factor authentication.
- Keep an eye out for "lookalike" characters. Attackers can use characters from different alphabets that look like normal letters but appear a bit "off."
- Don't respond to pressure. If an email uses aggressive or pressuring language, it is likely a scam.
- When in doubt, throw it out: If you think something feels off or looks suspicious, delete it. You can always get in touch with companies in other ways.
Make sure to report any phishing attacks or scams to Microsoft or your email provider. Companies improve their security models based on information received.
What's the most obvious scam you've seen in your inbox? Let us know in the comments!
Follow Windows Central on Google News to keep our latest news, insights, and features at the top of your feeds!
