Microsoft was the most commonly impersonated brand in phishing attacks during the fourth quarter of 2025, according to researchers at Guardio. Microsoft was followed by Facebook, Roblox, McAfee, Steam, AT&T, Amazon, Google, Yahoo, and Coinbase.
“Scammers ramped up brand impersonation attacks throughout Q4 2025, timing their campaigns around when people are busiest online, shopping for deals, renewing subscriptions, or looking for jobs,” Guardio says.
“They targeted Microsoft, Facebook, Roblox, and McAfee by launching fake storefronts during Black Friday, sending delivery scams throughout December's package delivery rush, and running job scams as January job hunting picks up.”
Microsoft and Facebook are generally among the most commonly impersonated brands throughout the year because of their massive user bases. Some of the other brands are more commonly targeted near the end of the year, during the holiday and tax seasons.
“For example, gaming platforms like Steam see heavy traffic during year-end holiday sales,” the researchers explain. “Phone and web service companies (AT&T, Google, Yahoo) get more attention in December when people check their accounts and renew subscriptions. Amazon gets targeted because of holiday shopping, while Coinbase gets hit when people review their crypto investments and prepare for tax season.”
Users should maintain a healthy sense of suspicion and be on the lookout for social engineering in order to avoid falling for these attacks.
“Staying safe requires consistent vigilance,” Guardio says. “Verify sender authenticity before clicking links, checking for domain misspellings or suspicious extensions. Navigate to official websites independently rather than using links in messages. Enable two-factor authentication on all accounts. Most importantly, pause before acting on urgent messages. Scammers count on people acting fast without thinking.”
Guardio has the story.
