Guardio’s Brand Phishing Report for Q1 2025 is here, and for the first time, Steam takes the top spot as the most imitated brand in phishing scams. The report also uncovers a new emergence in scams impersonating electronic toll collection companies, alongside a rise in tax-related phishing attacks and fake clearance sales. These findings shed light on the latest trends in online fraud.
Three months into 2025, phishing scams are showing no signs of slowing down. Brand impersonations are at an all-time high, with scammers exploiting people’s trust in familiar names. This quarter, we saw a rise in the usual suspects, like phishing emails from big tech companies, tax season scams, and fake shopping deals, along with an increase in gaming-related fraud.
But what’s really surprising is the surge in toll fee scams: Three different electronic toll collection companies made it into the top ten, marking an unprecedented shift in phishing tactics. Cybercriminals are clearly evolving, working harder than ever to adapt their methods and deceive victims. Since they often mimic brands we interact with daily, knowing which brands are being targeted and how to spot these scams is key to staying safe online.
Top 10 most imitated brands in Q1 2025
1. Steam | |
2. Microsoft | |
3. Facebook/Meta | |
4. Roblox | |
5. SunPass | |
6. E-ZPass | |
7. USPS | |
8. EZDrive Massachusetts | |
9. Netflix | |
10. WeTransfer |
The Top 4 Brands Scammers Are Exploiting in Q1 2025
1. Steam
For the first time ever, Steam has claimed the top spot in our Q1 2025 report, and it’s a bit of a shock. Historically, the #1 spot has been dominated by the usual suspects - big tech companies like Meta, Microsoft, or even USPS. But this quarter, it’s Steam, and by a significant margin. Scammers have been targeting the massive gaming community by impersonating Steam to warn users about supposed account issues, like payment failures or suspicious login attempts. These fake messages are designed to trick victims into entering their login credentials on counterfeit websites, which then steal their account information.
In addition to account-related scams, some phishing attempts will claim you’ve won a Steam gift card or a special promotion, prompting you to click on fraudulent links to claim your prize. If you get an unexpected email or text about your Steam account or a supposed gift card reward, always double-check the URL and resist clicking on any links until you’re absolutely sure it’s legitimate.

2. Microsoft
Microsoft’s brand continues to be a favored choice for cybercriminals, especially in Q1, as scammers impersonate Microsoft support to claim “account problems” or “security breaches.” Users are often directed to fraudulent websites that prompt them to enter personal information or download malware.
Be wary of unsolicited emails or texts that claim to be from Microsoft. Official communications will never ask you to click on links to fix issues. Always go directly to Microsoft’s website for account management.

3. Facebook (Meta)
Facebook (Meta) has seen a rise in scams related to account security, with scammers sending fake login issues or security warnings. They typically try to create a sense of urgency, asking users to click on a link that leads to a phishing page designed to steal personal information or login credentials.
If you receive an unexpected message about your Facebook account, double-check the sender and avoid clicking on any links. Always log in directly from the official Facebook app or website to check for any issues.

4. Roblox
Scammers have remained active on Roblox in Q1 2025, using various tactics to exploit the platform and target its large community of gamers, especially younger users. Some impersonate Roblox support, claiming account suspensions or payment issues, while others falsely inform users they've won a gift or prize and ask for payment details to claim it. Ultimately, the goal of these scams is always the same: to trick victims (often kids or unsuspecting family members) into clicking on fake links that lead to stolen credentials, financial fraud, or malware downloads.
If you're a Roblox user, or if your kids are, be cautious about unfamiliar messages or links. Always check account status directly through the official Roblox app or website. Parents should also talk to their kids about the risks of scams and make sure they know how to spot suspicious messages or links while using the platform.

Recap
The changes we’ve seen in Q1 2025 make it clear that scammers have expanded their tactics, now impersonating a broader range of brands and services. Steam has claimed the top spot for the first time, while Microsoft and Meta remain frequent targets.
Toll fee scams have also emerged, with SunPass and E-ZPass joining the top 10, highlighting how scammers are evolving to reach more victims. As these tactics continue to shift, it’s crucial to stay vigilant and on your toes. Who knows how this list will change in the next quarter?

Rising Scams in Q1 2025
Toll Fee Scams
Toll fee scams have surged dramatically in Q1 2025. Scammers have been sending out text messages claiming you have an unpaid toll fee, directing victims to fake websites designed to steal sensitive information. Guardio detected a staggering 604% increase in toll fee scam texts since the start of the year, with March seeing a 98% jump in scam activity from the previous week alone.

These scams are particularly dangerous as they exploit the urgency of unpaid tolls, tricking victims into entering payment details on fraudulent sites without thinking twice. Always verify toll notices through official channels, and never click on suspicious links.
Tax Season Scams
With tax season underway, scammers are taking advantage of people's concerns about filing their taxes on time. They impersonate the IRS or other tax services, sending phishing emails, and texts, or even making phone calls claiming that there's an issue with your tax filings. These scammers create fake IRS websites designed to collect personal and financial details.
If you receive a tax-related message that seems suspicious, don’t click on links or download attachments. The IRS will never contact you via text or email about issues related to your taxes.
Closing Sales Shopping Scams
This quarter, popular fashion brands like Joann and Forever 21 announced store closures, and scammers quickly seized the opportunity. Knowing shoppers are familiar with 'going out of business' sales, they created fake ads and websites to lure people into entering payment information for goods that will never arrive.
Be cautious of deals or websites claiming steep discounts on products from brands that have closed. If an offer seems too good to be true, it probably is. Stick to trusted retailers and always verify a site’s legitimacy before making a purchase.
Staying Safe from Scammers in Q1 2025
As scams continue to evolve, staying vigilant is key to protecting yourself. The scammers are relentless, but by following these tips, you can outsmart them:
-
Use Security Tools: Scams are becoming more sophisticated, with scammers using AI to create high-quality, convincing scams at scale. These are harder to detect, and the human eye is no longer enough. The most effective way to protect yourself is by using comprehensive security tools like Guardio. They can block harmful phishing sites and fraudulent emails before they even reach your inbox.
-
Verify the Source: Always go to the site yourself by typing in the address directly, rather than clicking on links in emails or texts.
-
Be Skeptical of Urgency: Scammers love to pressure victims into acting quickly. If a message demands immediate action or claims your account is in jeopardy, take a moment to verify the details through official channels.
By staying informed and following these simple precautions, you can stay ahead of the scammers and enjoy a safer online experience.
Guardio is committed to keeping you safe across all your devices with real-time phishing protection and comprehensive security tools.