Microsoft has become the most spoofed brand in phishing intrusions during the last quarter of 2025, surpassing Facebook, which previously led the rankings, reports Cybernews.Threat actors looking to exploit the extensive attack surface offered by Microsoft have used the brand in counterfeit login pages, billing notices, and security alerts, findings from Guardio Labs revealed. Despite its decline to second place, Facebook has been continuously exploited in bogus security warnings and account recovery alerts in a bid to compromise user credentials. On the other hand, online gaming platform Roblox, which is popular among youths, was the third most impersonated brand, highlighting malicious actors' push to target younger audiences."Kids encounter fake giveaways requiring 'verification' that steal passwords, while parents find fake support sites that harvest payment information when trying to purchase or redeem gift cards. The platform's young user base makes these scams particularly effective," said Guardio Labs.Other brands prevalently imitated by threat actors during the last three months of 2025 include McAfee, Steam, AT&T, Amazon, Google, Yahoo, and Coinbase.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds