The ultimate "must-have" brand for 2026 is Microsoft — but only if you’re a phishing scammer

Satya Nadella in a Groucho Marx disguise.
Attackers often use "lookalike" domains in phishing scams. I generated an image of a Satya Nadella lookalike in a Groucho Marx disguise to emphasize the point. (Image credit: Future | Edited with Gemini)

There's a good chance that if you open your email inbox and check your spam messages, you'll see a phishing attempt centered around someone impersonating a company. Among all the phishing messages sitting in your spam folder (and potentially your normal inbox), you'll probably see one alleging to be from Microsoft.

According to Check Point, 22 percent of all brand phishing attempts in 2025 had an attacker imitating Microsoft.

It's easy to make a joke along the lines of, “Everyone is safe from those phishing attacks because they know there's no way in hell they use Copilot." But the reality is that phishing attacks often center around impersonating tech giants, and it's safe to assume they're effective, or attackers would swap away from that method.

Latest Videos From

People rely on companies like Microsoft, Google, Amazon, and Apple. The amount of data those companies have is alluring to bad actors. If someone were able to gain access to your main accounts, they could likely obtain personal information, financial details, and more.

One of the easiest ways for a malicious actor to gain access to your accounts is to trick you into entering your details.

"The continued dominance of Microsoft and Google reflects their central role in identity, productivity, and authentication workflows—making stolen credentials particularly valuable to attackers," said Check Point.

In the final months of last year, Check Point Research identified a campaign designed to trick Roblox users. The campaign utilized a malicious site with a "lookalike domain" with links that led to another site that looks almost identical to the official Roblox page.

Similar campaigns are used to mimic Netflix, Facebook, and other popular sites, including Microsoft.

Out of the top ten imitated brands, only one is not a tech company:

  • Microsoft – 22%
  • Google – 13%
  • Amazon – 9%
  • Apple – 8%
  • Facebook (Meta) – 3%
  • PayPal – 2%
  • Adobe – 2%
  • Booking – 2%
  • DHL – 1%
  • LinkedIn – 1%

Microsoft even gets a bonus percentage point since LinkedIn is owned by Microsoft.

Phishing attacks appear convincing and build on people's trust and familiarity with certain companies, according to Check Point. "Attackers increasingly rely on polished visuals, subtle domain manipulation, and multi-stage flows that closely mimic legitimate user experiences—often leaving victims unaware that their credentials have been stolen," said the cybersecurity company.

While some older advice, such as keeping an eye out for typos, is still a good idea, phishing scams have become more convincing over the years.

Here are some rules to help you reduce your risks:

  • Do not click links marked as urgent or that emphasize they are "about to be deleted."
  • Check the actual email address of the sender, not just their sender name.
  • Use an authenticator app or some method of multi-factor authentication.
  • Keep an eye out for "lookalike" characters. Attackers can use characters from different alphabets that look like normal letters but appear a bit "off."
  • Don't respond to pressure. If an email uses aggressive or pressuring language, it is likely a scam.
  • When in doubt, throw it out: If you think something feels off or looks suspicious, delete it. You can always get in touch with companies in other ways.

Make sure to report any phishing attacks or scams to Microsoft or your email provider. Companies improve their security models based on information received.

What's the most obvious scam you've seen in your inbox? Let us know in the comments!

A pink banner that says "What do you think?" and shows a dial pointing to a mid-range hue on a gradient.


Click to follow Windows Central on Google News

Follow Windows Central on Google News to keep our latest news, insights, and features at the top of your feeds!


Sean Endicott
News Writer

Sean Endicott is a News Writer at Windows Central, where he covers Windows 11, Surface hardware, Microsoft 365, AI, apps, and the broader PC ecosystem. Since joining the site in 2017, he has written well over a thousand articles across the Microsoft landscape, covering breaking news, analysis, and feature reporting.

He writes Windows Wrap, a weekly column covering the biggest stories in Windows and the PC industry, and what they mean for the platform going forward.

Before joining Windows Central full-time, Sean worked in journalism and media production after earning a First Class degree in Broadcast Journalism from Nottingham Trent University. Outside of tech, he is an award-winning American football coach based in Nottingham, England, and was named BAFCA Youth Coach of the Year in 2024.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.