How to protect yourself from brand impersonation attacks

As consumers and businesses are gearing up for Black Friday, Cyber Monday, and the upcoming festive shopping season, it’s important to be on the lookout for brand impersonation attacks. A brand impersonation attack typically involves cybercriminals mimicking trusted brands to dupe end-users into engaging with a malicious platform, which can then be used to harvest credentials, incite fraud, steal personal information or money, or launch malware attacks.

Recent data from Mimecast’s threat research team has revealed an increase in brand impersonations in 2022, with industries such as technology, logistics, and finance witnessing the most attacks. According to Stanley Hsu, Regional Vice President of Asia, Mimecast, “Customers today expect safe digital interactions, especially with reputable brands that they trust. However, brand impersonation can be extremely sophisticated, making it easy for consumers to fall victim to these attacks. Organizations need to make every effort to protect their online brands from impersonation, but consumers need to always exercise caution in the event that their favorite brand has not implemented the appropriate measures.”

Hsu also shared five tips for consumers and businesses to stay vigilant: 

  1. Be careful with urgent offers

Cybercriminals often try to create urgency so that the target is less attentive. During the festive shopping season, they do this through temporary offers. If you feel pressured to buy something quickly or click on a link, then something may not be right.

  1. A secure URL doesn’t mean it’s safe

A lock in the address bar indicates that the website uses a secure https connection. But a secure website can still be dangerous – even with such a lock, it is possible that your device could be infected with malware or that the website tries to steal data.

  1. Scan the website for language errors

Strange text, poor translations, and language errors can indicate that a website is fake. But while it’s important to look out for spelling and grammatical mistakes, don’t only rely on checking for these as most impersonated websites today are very convincing.

  1. Don’t blindly click on links in emails

 If you have received an email with a link from a well-known retailer, don’t assume you will end up on the retailer’s legitimate website. You can’t blindly rely on the authentic appearance of a URL, the website, the sender and the email address. Through ‘spoofing’, cybercriminals can fake these things relatively easily.

  1. Navigate to the official website

Instead of clicking on links in emails, it’s safer to go directly to a website by typing the URL into your browser. You could email their official address listed on their website and communicate that way, rather than responding to the email.

Stanley Hsu

Regional VP, Asia


With more than 25 years of professional experience, including 20 years in Sales and Channel-Alliances Management, Mimecast Regional VP of Asia Stanley Hsu has worked extensively with partners and SI’s in growing markets in Asia Pacific region focusing on ASEAN, Hong Kong and Taiwan.

Stanley is responsible for building teams to help drive product adoption, increase adoption of Mimecast’s cloud-based solutions, and enhance customer success. Before his role with Mimecast, Stanley was a key founding member of the APAC leadership team at both Darktrace and IIIumio, growing the cybersecurity businesses from startup companies.

With a passion for cybersecurity, Stanley can provide professional regional insights into the cyber landscape, helping companies with their cybersecurity strategies to better manage and mitigate attacks.

About Author

Leave a Reply

Scroll to top
Browse Tags
%d bloggers like this: