sb-as logo
Story image

Microsoft is most imitated brand for phishing attacks in Q3

20 Oct 2020

Microsoft is, by a significant margin, the most imitated brand in phishing campaigns throughout Q3, according to new data from Check Point Research.

In a recent study into the brands most frequently spoofed by cyber-attackers to steal personal information, Microsoft came out on top with 19% of all brand phishing attempts - 10 percentage points above the next closest brand.

This figure also represented a 12 percentage point increase from Q2 of this year, when Microsoft was much further down the list in fifth place.

Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. 

It’s not just through emails, though: many phishing attacks attempt to replicate the image of a company’s official website. They do this by using a similar domain name or URL and web-page design to the genuine site. 

Often, the fake website contains a form intended to steal users’ credentials, payment details or other personal information.

Check Point Research says the ‘most likely’ industries to be targeted in this way are technology, banking and social networking. Within these industries can be found the most recognisable and valuable brands in the world, and also contain companies that many millions around the world rely heavily on as they work, learn and shop remotely.

Increased usage of remote working technologies and social media, as well as changes to finances, are contributing factors to the makeup of the top 10 most imitated brands of Q3. Here they are:

  1. Microsoft (19%)
  2. DHL (9%)
  3. Google (9%)
  4. PayPal (6%)
  5. Netflix (6%)
  6. Facebook (5%)
  7. Apple (5%)
  8. Whatsapp (5%)
  9. Amazon (4%)
  10. Instagram (4%)

This marks the first time DHL has entered the top 10, with a particularly rapid rise to second place.

“In this past quarter, we saw the highest increase in email phishing attacks of all platforms compared to Q2, with Microsoft being the most impersonated brand,” says Check Point director of threat intelligence and research Maya Horowitz.

“This has been driven by threat actors taking advantage of the mass migration to remote working forced by the COVID-19 pandemic, to target employees with fake emails asking them to reset their Microsoft Office 365 credentials.

“As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to be from companies, such as Microsoft or Google, who are most likely to be impersonated.”