SecurityBrief Asia logo
Story image

Cybercriminals most likely to impersonate Apple, Netflix in phishing attacks

16 Apr 2020

Cybercriminals are most likely to impersonate major global tech companies like Apple, Netflix, Yahoo, WhatsApp and PayPal in order to trick people to clicking links or downloading attachments in malicious phishing emails.

That’s according to Check Point’s Q1 2020 Brand Phishing Report, which names the brands most likely to be impersonated in phishing campaigns.

The report, which is based on information from Check Point’s ThreatCloud intelligence, shows that cybercriminals especially love to impersonate the tech industry, with banking and media following close behind.

Check Point researchers say that this broad choice of industry sector approach covers the most well-known consumer sectors, particularly during the COVID-19 pandemic and the rise of remote working, or streaming while more people stay at home.

Check Point describes a brand phishing attack as one in which criminals imitate the official website of a well-known brand by using a similar domain name or URL and webpage design to the genuine site.  

“The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.”

According to the research, 10% of all brand phishing attempts imitated Apple – up 8% from Q4 in 2019 – because criminals are trying to capitalise on brand recognition.

Top phishing brands in Q1 2020 (The top brands are ranked by their overall appearance in brand phishing attempts):
1.      Apple (related to 10% of all brand phishing attempts globally)
2.      Netflix (9%)
3.      Yahoo (6%)
4.      WhatsApp (6%)
5.      PayPal (5%)
6.      Chase (5%)
7.      Facebook (3%)
8.      Microsoft (3%)
9.      eBay (3%)
10.   Amazon (1%)

According to Check Point’s director of threat intelligence and research, Maya Horowitz, criminals are targeting people across email, web, and mobile applications. These applications look like they are from well-recognised brands, or they tap into behavioural changes as a result of the global pandemic.

“Phishing will continue to be a growing threat in the coming months, especially as criminals continue to exploit the fears and needs of people using essential services from their homes. As always, we encourage users to be vigilant and cautious when divulging personal data.”

Check Point also published lists of the most imitated companies across web, mobile, and email. 

Web (59% of all phishing attacks during Q1)

  • Apple
  • Netflix
  • PayPal
  • eBay

Mobile (23% of all phishing attacks during Q1)

  • Netflix
  • Apple
  • WhatsApp
  • Chase

Email (18% of all phishing attacks during Q1)

  • Yahoo
  • Microsoft
  • Outlook
  • Amazon.
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
Egnyte ensures greater security across Microsoft 365 with latest integrations
The new integrations are aimed at helping mid-sized organisations prevent data loss, address a growing number of regional privacy regulations, and simplify the overall management of content with minimal administrative overhead.More
Story image
WatchGuard uncovers top cyber threat trends of Q4 2020
“The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections."More
Story image
COVID-19-themed threats, Powershell malware continue surge
“The world—and enterprises—adjusted amidst pandemic restrictions and sustained remote work challenges, while security threats continued to evolve in complexity and increase in volume."More
Story image
Video: 10 Minute IT Jams - SonicWall VP on the cybersecurity lessons learned from the last 12 months
This is our seventh IT Jam with SonicWall, the cybersecurity company specialising in firewall, network security, cloud security and more.More