A Check Point Research, area Threat Intelligence da Check Point Software Technologies Ltd, a leading global provider of cybersecurity solutions, published the Brand Phishing Report Q3 2022. The report highlights the brands that were most often imitated by criminals in their attempts to steal personal information or payment credentials from individuals during the months of July, August and September 2022.
While LinkedIn was the most used brand in both the first and second quarters of 2022, it was the carrier DHL that took the top spot in the third quarter, accounting for twenty-two percent of all attempts to Phishing worldwide. Microsoft is in second place (16%) and LinkedIn has dropped to third, accounting for just 11% of scams, compared to 52% in Q1 and 45% in Q2.
The increased use of DHL could be due in part to a grand global scheme and cyber attack. Phishing that logistics giant warned about itself even just days before the start of the quarter. Instagram also appeared in the top ten for the first time this quarter, following a phishing campaign related to 'blue badge' being reported in September.
"Phishing is the most common type of social engineering attack, which is a general term that describes attempts to manipulate or deceive users. It is an increasingly common threat vector used in most security incidents." says Omer Dembinsky, Data Research Group Manager at Check Point. "In Q3, we saw a dramatic reduction in the number of LinkedIn-related phishing attempts, reminding us that cybercriminals often change tactics to increase their chances of success. However, it continues to be the third most used brand, so we appeal to all users to keep an eye out for any emails or communications intended from LinkedIn. Now that DHL is the brand most likely to be counterfeited, it is crucial that anyone expecting a delivery goes directly to the official website to check progress and/or notifications. Do not trust any emails, particularly those asking for information to be shared".
In an attack of Phishing of a brand, criminals try to imitate the official website of a well-known brand, using a domain name or URL e design of the web page similar to that of the genuine website. O link to the fake website can be sent to targeted people via email or text message, a user can be redirected while browsing the web, or it can be triggered from a rogue mobile app. The fake website often contains a form designed to steal users' credentials, payment details or other personal information.
Most Used Phishing Tags in Q3 2022
Below are brands ranked by their overall frequency of phishing attempts
- DHL (accounts for 22% of all attacks carried out worldwide)
- Microsoft (16%)
- LinkedIn (11%)
- Google (6%)
- Netflix (5%)
- WeTransfer (5%)
- Walmart (5%)
- WhatsApp (4%)
- HSBC (4%)
- Instagram (3%)
