---
title: "Microsoft Remains the Second-Most Impersonated Brand; Phishing Attacks Reach a Record High | DMARC Report"
description: "2023 is coming to an end, and despite all the efforts by cyber security experts, there has been a significant leap in phishing activities."
image: "https://dmarcreport.com/og/blog/microsoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high.png"
canonical: "https://dmarcreport.com/blog/microsoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high/"
---

Quick Answer

2023 is coming to an end, and despite all the efforts by cyber security experts, there has been a significant leap in phishing activities.

Related: [Free DMARC Checker](/tools/dmarc-checker/) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fmicrosoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Microsoft%20Remains%20the%20Second-Most%20Impersonated%20Brand%3B%20Phishing%20Attacks%20Reach%20a%20Record%20High&url=undefined%2Fblog%2Fmicrosoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fmicrosoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fmicrosoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high%2F&title=Microsoft%20Remains%20the%20Second-Most%20Impersonated%20Brand%3B%20Phishing%20Attacks%20Reach%20a%20Record%20High "Share on Reddit") [ ](mailto:?subject=Microsoft%20Remains%20the%20Second-Most%20Impersonated%20Brand%3B%20Phishing%20Attacks%20Reach%20a%20Record%20High&body=Check out this article: undefined%2Fblog%2Fmicrosoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high%2F "Share via Email") 

![Microsoft Remains the Second-Most Impersonated Brand; Phishing Attacks Reach a Record High](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. 2023 is coming to an end, and despite all the efforts by cyber security experts, there has been a significant leap in phishing activities. July, August, and September have seen a \*\*significant rise in [phishing email campaigns](https://www.bleepingcomputer.com/news/security/phishing-campaign-steals-accounts-for-zimbra-email-servers-worlwide/).

> Domain spoofing is trivially easy without DMARC enforcement, says Brad Slavin, General Manager of DuoCircle. Anyone can send email that looks like it comes from your domain. DMARC with p=reject is the only way to tell receiving servers to block unauthorized senders completely.

The two favorite brands for phishing actors have been **Facebook and Microsoft**. Threat actors have been targeting Microsoft 365 users with high-end phishing strategies. Their chief strategy revolves around penetrating into [Microsoft 365’s built-in security features](https://dmarcreport.com/blog/microsoft-outlook-rolls-out-its-new-authenticator-lite-feature-for-ios-and-android-users/).

## Q3 2023 Witnessed Peak Rise in Phishing Attacks!

Phishing activities witnessed a [solid leap of 173% in Q3 as compared to Q2 2023](https://www.linkedin.com/pulse/phishing-attacks-surge-173-q3-2023-malware-threats-soar-110-knowbe4-q5rge?trk=public%5Fpost). A whopping

\*\*125.7 million malicious emails were sent out, which made cyber security leaders spend quite a few sleepless nights!

![Dmarc record generator 5](https://media.mailhop.org/dmarcreport/images/2023/11/dmarc-record-generator-5-1.jpg) 

## Facebook and Microsoft: Two All-Time Favorites of Phishing Experts!

Facebook garnered lots of traction lately, thanks to its rebranding as Meta. _At present, it enjoys a user base of a whopping 2.9 billion. And all the attention easily makes it vulnerable to phishing activities_.

Threat actors connect with [Facebook business accounts](https://www.bleepingcomputer.com/news/security/facebook-messenger-phishing-wave-targets-100k-business-accounts-per-week/) on the pretext of copyright violations or proceed with \*\*fake inquiries where they request further details about a specific product.

The [malicious links, when clicked and downloaded](https://www.business-standard.com/technology/tech-news/fake-verified-facebook-pages-luring-users-into-clicking-malicious-links-123050700198%5F1.html), weaken security systems by evading blocklists and minimizing distinctive traces. The phishing actors get access to all the saved cookies and login details, thereby logging the users out of their accounts. Meanwhile, they crack into their accounts and hack the entire system to carry out **frauds and scams**.

On the other hand, Microsoft, the second-most impersonated brand , became a head-turner with all the coming-of-age attacks. The threat actors have come up with a new strategy whereby they leverage [sophisticated scamming attacks](https://www.infosecurity-magazine.com/news/microsoft-teams-phishing-campaign/) and deviate from conventional **phishing emails**. _The attacks include corporate logos as well as background images, thereby managing to establish their credibility_.

The uniqueness of these attacks lies in the **automated designs**. _Basically, if a user is not a target of the phishing expert, then the phishing link will automatically divert them to a safe page_. On the other hand, if a user is a part of their target audience, then the phishing page will get activated as the user clicks on the phishing link.

The threat actors verify the identity of the users by making \*\*API calls to Microsoft by leveraging the user’s email address.

\_Brands like Netflix and Adobe, too, are on the receiving end of these [impersonation scams](https://www.theguardian.com/australia-news/2023/nov/15/tim-was-scammed-out-of-222000-he-says-the-bank-should-have-to-give-his-money-back).

## Types of Brand Impersonation Frauds to Keep an Eye On!

## Brand hijacking

[Brand hijacking](https://www.centrik.in/blogs/what-is-brand-hijacking-and-how-to-prevent-brand-hijacking/) is one of the favorite activities of phishing experts, whereby they acquire the online identity of a digital brand. It also goes by the names of brand impersonation, brand theft, brand abuse, brandjacking, etc.

Cybercriminals try to gain \*\*access to user credentials and sensitive details by posing as reliable and trusted brand figures.

## Email spoofing

This is yet another form of phishing attack in which the scammers send [malicious emails to users](https://economictimes.indiatimes.com/tech/internet/internet-scam-beware-of-personalised-mails-from-fraudsters/articleshow/18857592.cms).

These email campaigns trick the users by manipulating the source of emails. Users are more likely to open these phishing emails because of their \*\*“seemingly” trusted source of origination.

## Executive impersonation

This phishing attack is also known as whaling or [CEO fraud](https://www.trendmicro.com/vinfo/mx/security/news/cyber-attacks/unusual-ceo-fraud-via-deepfake-audio-steals-us-243-000-from-u-k-company). As the name suggests, threat actors reach out to unsuspecting employees while posing as respected executives. They reach out to the employees for sensitive details such as payment details, intricate work information, etc.

## Fake social media profiles

Social media phishing involves creating [fake social media profiles](https://cybersecuritynews.com/russian-hacking-tool-social-media/) on platforms like TikTok, Facebook, Instagram, etc. These profiles are most likely to be of mini and macro influencers and celebrities. The threat actors use these fake profiles to get access to your social media account or run other **fraudulent activities**.

## Account takeover

This is a widely \*\*prevalent cybercrime \*\*in which phishing actors hack your profile or business account by cracking into your login credentials and other vital information.

## How Can Brand Impersonation Pose a Threat to Your Business?

Threat actors make the most out of the [festive season offers](https://www.businesstoday.in/technology/news/story/qr-code-scams-likely-to-grow-this-festive-season-experts-say-400104-2023-09-28) and **business emails**. They target the apps, tools, and software that businesses use for communication, daily operations, and entertainment.

Malicious brand impersonation emails slide into your inbox, and all it takes is one careless click on the **phishing link**.

To establish credibility, they use brand impersonation tactics and win the trust of victims through fool-proof templates and designs. [Generative AI](https://dmarcreport.com/blog/artificial-intelligence-and-the-serious-threat-of-sophisticated-email-attacks-and-automated-advertising-bots/) has additionally made these tasks easier and less **time-consuming for threat actors**.

![Dmarc analyzer](https://media.mailhop.org/dmarcreport/images/2023/11/dmarc-analyzer-3958.jpg) 

## How to Protect a Business from Brand Impersonation Frauds?

- _Train your team members at regular intervals to \*\*spread awareness against brand impersonation phishing scams_.
- Invest in **fail-proof** [email security](https://dmarcreport.com/blog/microsoft-announces-new-dmarc-policy-handling-defaults-for-enhanced-email-security/) solutions like [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), [DMARC](https://dmarcreport.com/) or [BIMI](https://dmarcreport.com/blog/what-is-bimi-and-how-it-is-built-upon-dmarc/) that offer end-to-end protection and prevent sophisticated phishing attempts.
- Upskill yourself and stay updated about the latest technologies and [phishing scams](https://www.cbs8.com/article/news/local/working-for-you/email-free-turkey-scam/509-7fcddf53-3698-4372-b3c4-8ddaa07d4be0) going on.

With an increase in the number of [brand impersonation phishing scams](https://www.infosecurity-magazine.com/news/docusign-impersonation-attack/) that involve biggies like Facebook and Microsoft, one must \*\*always be vigilant enough before clicking on any link that comes their way. Awareness and adaptability are the only feasible ways to protect your sensitive data from phishing experts.

## Topics

[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/) 

![Vishal Lamba](https://media.mailhop.org/dmarcreport/images/team/vishal-lamba.jpg) 

[ Vishal Lamba ](/authors/vishal-lamba/) 

Content Specialist

Content Specialist at DMARC Report. Writes vendor-specific email authentication guides and troubleshooting walkthroughs.

[LinkedIn Profile →](https://www.linkedin.com/in/vishal-lamba/) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 8m  10 Critical Learnings From Verizon’s 2021 DBIR - A DMARCReport Perspective  Nov 25, 2025 ](/blog/10-critical-learnings-from-verizons-2021-dbir-a-dmarcreport-perspective/)[  Foundational 12m  10 DNS Blacklist Insights That Improve Email Security And Deliverability Fast  Nov 14, 2025 ](/blog/10-dns-blacklist-insights-to-improve-email-security-and-deliverability/)[  Foundational 12m  10 Email Spoofing Detection Tools That Dramatically Improve Brand Protection  Nov 11, 2025 ](/blog/10-email-spoofing-detection-tools-that-dramatically-improve-brand-protection/)[  Foundational 12m  10 Reasons SPF Filtering Is Critical For Email Security  Nov 19, 2025 ](/blog/10-reasons-spf-filtering-is-critical-for-email-security/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Microsoft Remains the Second-Most Impersonated Brand; Phishing Attacks Reach a Record High","description":"2023 is coming to an end, and despite all the efforts by cyber security experts, there has been a significant leap in phishing activities.","url":"https://dmarcreport.com/blog/microsoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high/","datePublished":"2023-11-15T09:52:08.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2023-11-15T09:52:08.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vishal-lamba/#person","name":"Vishal Lamba","url":"https://dmarcreport.com/authors/vishal-lamba/","jobTitle":"Content Specialist","description":"Vishal Lamba writes DMARC Report's how-to guides and vendor-specific configuration walkthroughs. His work focuses on step-by-step implementation guides for major email platforms (Google Workspace, Microsoft 365, SendGrid, Mimecast, Proofpoint, Brevo, and others), troubleshooting common SPF and DMARC errors, and translating RFC-level specifications into practical deployment procedures for IT administrators.","image":"https://media.mailhop.org/dmarcreport/images/team/vishal-lamba.jpg","knowsAbout":["SPF Vendor Configuration","Email Platform Integrations","SPF Troubleshooting","Technical Documentation","Step-by-Step Guides"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vishal-lamba/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/microsoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high/"},"articleSection":"foundational","keywords":"DMARC, email security","wordCount":995,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Microsoft Remains the Second-Most Impersonated Brand; Phishing Attacks Reach a Record High","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Microsoft Remains the Second-Most Impersonated Brand; Phishing Attacks Reach a Record High","item":"https://dmarcreport.com/blog/microsoft-remains-the-second-most-impersonated-brand-phishing-attacks-reach-a-record-high/"}]}
```