Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies, a leading provider of cyber security solutions globally, has published its new Brand Phishing Report for Q3 2021.
The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September.
In Q3, Microsoft continued its reign as the brand most frequently targeted by cybercriminals, albeit at a slightly lower rate.
Twenty-nine per cent of all brand phishing attempts were related to the technology giant, down from 45% in Q2 2021, as threat actors continue to target vulnerable, distributed workforces during the COVID-19 pandemic.
Amazon has replaced DHL in the second position, accounting for 13% of all phishing attempts versus 11% in the previous quarter, as criminals look to take advantage of online shopping in the run-up to the holiday season.
The report also reveals that, for the first time this year, social was among the top three sectors to be imitated in phishing attempts, with WhatsApp, LinkedIn and Facebook all appearing in the top ten list of most imitated brands.
In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application.
The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.
Here are the Top 10 Brands Imitated in Phishing Attacks According to Check Point Software
Below are the top brands ranked by their overall appearance in brand phishing attempts:
- Microsoft (related to 29% of all phishing attacks globally)
- Amazon (13%)
- DHL (9%)
- Bestbuy (8%)
- Google (6%)
- WhatsApp (3%)
- Netflix (2.6%)
- LinkedIn (2.5%)
- Paypal (2.3%)
- Facebook (2.2%)
“For the first time this year, social channels have become one of the top three categories exploited by cybercriminals, no doubt in an attempt to take advantage of the increasing number of people working and communicating remotely in the wake of the pandemic,” said Omer Dembinsky, Data Research Group Manager at Check Point Software.
“As always, we encourage users to be cautious when divulging their data, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as Amazon, Microsoft or DHL as they are the most likely to be imitated. Following the data from Q3, we’d also urge users to be vigilant when it comes to any emails or other communications that appear to be from social media channels such as Facebook or WhatsApp,” Dembinsky added.