Brand Impersonation
The unauthorised use of a company's name, logo, and visual identity in fraudulent communications to lend them credibility.
Also known as: brand spoofing, brand abuse, logo spoofing
Last reviewed: 10 June 2026
Brand impersonation underpins the majority of consumer-facing phishing attacks. Criminals copy the visual elements — logos, email templates, colour schemes, and tone of voice — of trusted brands such as banks, courier companies, government agencies, and technology firms to make fraudulent messages indistinguishable from legitimate ones at first glance.
Brand impersonation is used across all channels: email, SMS, social media, phone calls, and fake websites. The brand is chosen to match the pretext — parcel delivery brands for fake tracking messages, payment brands for credential harvesting, and tech brands for support scams.
Recognising that visual similarity is not evidence of legitimacy is a key consumer skill. Always verify contact by navigating independently to the official website rather than using contact details supplied in the message.
Examples
- An email using a bank's official colours, logo, and footer asks the recipient to verify their account via a link to a credential-harvesting page.
- Text messages impersonating a national postal service use the brand's name in the sender field to appear official.