In the first quarter of 2025, Steam emerged as the brand most imitated by phishers, surpassing tech giants like Microsoft and Facebook/Meta, according to a recent report by Guardio researchers. The researchers highlighted that scammers targeted the extensive gaming community by posing as Steam and sending out fake messages regarding account issues such as payment failures or suspicious login attempts. These fraudulent messages aimed to deceive users into providing their login credentials on counterfeit websites, leading to account information theft.
The researchers advised users to exercise caution when receiving unexpected emails or texts related to their Steam accounts or supposed gift card rewards. They emphasized the importance of verifying URLs and refraining from clicking on any links until the legitimacy of the communication is confirmed.
The top 10 most imitated brands in the first quarter of 2025, as identified by Guardio, included Steam, Microsoft, Facebook/Meta, Roblox, SunPass, E-ZPass, USPS, EZDrive Massachusetts, Netflix, and WeTransfer. Notably, three US-based electronic toll collection companies made it to the list, indicating a surge in phishing activities targeting electronic toll collection-related services.
Guardio researchers observed a significant increase in phishing scams related to unpaid toll fees, with a 604% rise in scam texts since the beginning of the year. The month of March alone witnessed a 98% surge in scam activities compared to the previous week, pointing towards a growing trend of exploiting electronic toll collection systems for phishing purposes.
The spike in electronic toll collection-related phishing scams is believed to be linked to the rise of phishing-as-a-service platforms like Darcula and Lucid. These platforms offer phishing templates that enable cybercriminals to impersonate various organizations, including postal services, courier companies, toll systems, and tax refund agencies worldwide. By leveraging advanced technologies such as Apple iMessage and Android’s RCS, these platforms enhance the delivery and success rates of phishing attacks, evading traditional spam filters.
In addition to targeting electronic toll collection services, phishers have also been impersonating popular fashion brands that announced store closures, such as Forever 21 and JOANN. By capitalizing on the familiarity of shoppers with ‘going out of business’ sales, scammers create fake advertisements and websites to lure unsuspecting individuals into providing payment information for goods that will never be delivered.
Overall, the evolving landscape of phishing scams underscores the importance of vigilance and verification when interacting with online communications and websites. As cybercriminals continue to adapt their tactics and target a wide range of industries and services, users must remain cautious and informed to protect themselves from falling victim to fraudulent schemes.