That’s according to recent research by Cisco Talos on a surge of instances in which victims call the scammers on the phone, responding to a request regarding an urgent transaction.
“Brand impersonation is a social engineering technique that exploits the popularity of well-known brands to persuade email recipients to disclose sensitive information,” the researchers wrote.
In these phishing scams, “adversaries can deliver brand logos and names to victims using multiple types of payloads. One of the most common methods of delivering brand logos and names is through PDF payloads (or attachments).”
Many of these emails persuade victims to call “adversary-controlled phone numbers,” employing another popular social engineering tactic: telephone-oriented attack delivery (TOAD), otherwise known as callback phishing.
Victims are told to call a number in the PDF to settle an issue or confirm a transaction. Once they call, the attacker pretends to be a legitimate representative and tries to manipulate them into sharing confidential information or installing malware on their computer.
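A triage heuristic for the pattern described above, as an added example that is not from the Talos research or the original article: it flags text already extracted from a PDF attachment when a brand name, transaction-themed language, a call prompt and a phone number outside an allow-list all appear together. The brand list, keyword lists, allow-list, function name and sample texts are constructed assumptions.

```python
import re

# Illustrative assumptions: tune these lists for your own mail flow.
BRANDS = ("paypal", "microsoft")
URGENCY = ("transaction", "invoice", "charged", "refund", "renewal")
CALL_CUE = re.compile(r"\b(?:call|dial|phone|contact)\b", re.I)
# North American numbers with optional +1 and common separators.
PHONE = re.compile(
    r"(?<!\d)(?:\+?1[\s.\-]?)?\(?\d{3}\)?[\s.\-]?\d{3}[\s.\-]?\d{4}(?!\d)"
)


def triage_pdf_text(text, known_good_numbers=frozenset()):
    """Score text extracted from a PDF attachment for callback-phishing traits."""
    flat = re.sub(r"\s+", " ", text)  # PDF extraction scatters line breaks
    low = flat.lower()
    # Normalise each number to its last 10 digits before the allow-list check.
    numbers = {re.sub(r"\D", "", m)[-10:] for m in PHONE.findall(flat)}
    result = {
        "brands": sorted(b for b in BRANDS if b in low),
        "urgency": sorted(u for u in URGENCY if u in low),
        "call_cue": bool(CALL_CUE.search(flat)),
        "unknown_numbers": sorted(numbers - set(known_good_numbers)),
    }
    # Flag only when every trait of the lure is present together.
    result["suspicious"] = all(
        result[k] for k in ("brands", "urgency", "call_cue", "unknown_numbers")
    )
    return result


# Constructed samples; 555-01xx numbers are reserved for fiction.
LURE = """PayPal
Invoice #A-1001
Your account was charged $499.99 for this transaction.
If you did not authorize it, call +1 (888) 555-0100 within 24 hours."""
RECEIPT = "PayPal receipt for your refund. Questions? Call 402-555-0199."
NEWSLETTER = "Microsoft 365 quarterly newsletter. See the admin portal."

if __name__ == "__main__":
    print(triage_pdf_text(LURE))
    print(triage_pdf_text(RECEIPT, known_good_numbers={"4025550199"}))
    print(triage_pdf_text(NEWSLETTER))
```

The allow-list of a brand's published support numbers is what separates a genuine receipt from a lure here, so a hit is a reason to quarantine and review rather than a verdict.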
In other cybersecurity news, PYMNTS spoke recently with Belsasar Lepe, co-founder and CEO of Cerby, who said the need for secure digital identities has never been more urgent thanks to the rise of artificial intelligence (AI).
“We’re in a modern situation,” Lepe said, “where that same technology can be used to deliver a better personalized experience, but it can also be used to deliver a more personalized, risky experience, where you’re tricked into engaging with someone that isn’t who they claim to be.”
Nonstandard applications, which are at the center of Cerby’s focus, are a category that traditional identity platforms neglect in many cases. These are systems that don’t integrate easily with single sign-on or other identity standards, leading to gaps that criminals exploit.
“We tend to focus on those applications … that aren’t necessarily connectable using modern identity standards,” Lepe said. “That creates a unique dynamic. We’re not just working with security teams, we’re also engaging with line-of-business owners.”
In his interview with PYMNTS, Lepe was candid in discussing the evolving threat landscape. He described it as “fundamentally unfair and very asymmetric.” Cybersecurity professionals, he said, need to be perfect all the time, while attackers need to succeed just once.