There’s a good chance that if you open your email inbox and check your spam messages, you’ll see a phishing attempt centered around someone impersonating a company. Among all the phishing messages sitting in your spam folder (and potentially your normal inbox), you’ll probably see one alleging to be from Microsoft.
According to Check Point, 22 percent of all brand phishing attempts in 2025 had an attacker imitating Microsoft.
- Microsoft – 22%
- Google – 13%
- Amazon – 9%
- Apple – 8%
- Facebook (Meta) – 3%
- PayPal – 2%
- Adobe – 2%
- Booking – 2%
- DHL – 1%
- LinkedIn – 1%
Microsoft even gets a bonus percentage point since LinkedIn is owned by Microsoft.
Phishing attacks appear convincing and build on people’s trust and familiarity with certain companies, according to Check Point. “Attackers increasingly rely on polished visuals, subtle domain manipulation, and multi-stage flows that closely mimic legitimate user experiences—often leaving victims unaware that their credentials have been stolen,” said the cybersecurity company.
While some older advice, such as keeping an eye out for typos, is still a good idea, phishing scams have become more convincing over the years.
Here are some rules to help you reduce your risks:
- Do not click links marked as urgent or that emphasize they are “about to be deleted.”
- Check the actual email address of the sender, not just their sender name.
- Use an authenticator app or some method of multi-factor authentication.
- Keep an eye out for “lookalike” characters. Attackers can use characters from different alphabets that look like normal letters but appear a bit “off.”
- Don’t respond to pressure. If an email uses aggressive or pressuring language, it is likely a scam.
- When in doubt, throw it out: If you think something feels off or looks suspicious, delete it. You can always get in touch with companies in other ways.
Make sure to report any phishing attacks or scams to Microsoft or your email provider. Companies improve their security models based on information received.
What’s the most obvious scam you’ve seen in your inbox? Let us know in the comments!
Follow Windows Central on Google News to keep our latest news, insights, and features at the top of your feeds!
