Check Point Research, a cyber threat intelligence company, has highlighted the brands that hackers have imitated the most to lure people into giving up their personal data or payment credentials in its quarterly brand phishing report.
According to the report, for the period of June-July-August 2020, Microsoft was the brand most frequently targeted brand by cybercriminals. Microsoft soared from the fifth place in the second quarter to the first place in the third quarter for brand phishing attacks, making up 19% of all global phishing attacks in the period (from 7% in Q2).
Microsoft is followed by DHL and Google – both accounted for 9% of all brand phishing attempts globally each. Others in the top ten include PayPal, Netflix, Facebook, Apple, WhatsApp, Amazon, and Instagram.
During the period, email was the top attack vector making up 44% of all phishing attacks, closely followed by web phishing (43%). The top phishing brands exploited by email phishing attacks were Microsoft, DHL, and Apple in that order and those exploited by web phishing attacks were Microsoft, Google, and PayPal.
For example, in mid-August, Check Point researchers witnessed a malicious phishing email trying to steal credentials of Microsoft accounts by luring the victim to click on a malicious link which redirects the user to a fraudulent Microsoft login page.
The spurt in phishing attempts by imitating Microsoft is to capitalize on large numbers of employees working remotely because of the pandemic, many for the first time ever.
Source: Check Point