Microsoft remains the most impersonated brand in phishing attacks

Microsoft has emerged as one of the most imitated brands, accounting for 29% of all phishing attacks worldwide, as per the Check Point Research (CPR) report. According to the data, these attacks have decreased from 45 percent in the second quarter of 2021.


According to the report, social media was among the top three industries imitated in phishing attempts for the first time this year, with WhatsApp, LinkedIn, and Facebook all featuring in the top ten list of most imitated brands.


For the first time this year, social channels have become one of the top three categories abused by cybercriminals, no doubt in an attempt to capitalise on the growing number of individuals working and interacting remotely in the aftermath of the epidemic, according to Omer Dembinsky, Data Research Group Manager at Check Point Software. Following up on the findings from Q3, we’d advise consumers to be wary of emails or other communications that look to be from social media platforms like Facebook or WhatsApp. Dembinsky went on to say.


As cybercriminals aim to take advantage of online shopping in the run-up to the holiday season, Amazon has surpassed DHL to take second place, accounting for 13 percent of all phishing attempts compared to 11 percent the previous quarter.


During July, August, and September, the report highlights the brands that were most frequently mimicked by criminals in their attempts to steal people’s personal information or payment credentials.


In a brand phishing attack, thieves attempt to replicate the official website of a well-known brand by using a domain name or URL that is similar to the actual site’s and a web-page design that is similar to the legitimate site’s. The bogus website link can be provided to targeted persons by email or text message, a user can be redirected while browsing the web, or it can be activated by a malicious mobile application. A form on the bogus website is frequently used to steal users’ credentials, financial information, or other personal information.


You might also like:

Microsoft releases updates for Windows zero-day: PrintNightmare

LockFile ransomware hijacks Microsoft Exchange servers

Microsoft warns about phishing attack by Nobelium group spoofing USAID