A Check Point Research It recently released its Brand Phishing Report for the third quarter of 2021, which our newsroom had access to, where it shows that Microsoft continues to be the most targeted brand by cybercriminals in implementing their malicious tactics. In second place, the document continues, is Amazon, which, this quarter, replaced DHL, which appears in third place.
A novelty present in the report is the presence of social networks in the top 3 of the sectors most used in attempts to phishing attacks, with WhatsApp, LinkedIn and Facebook appearing in the list of the 10 most imitated brands.
Check Point Research, Threat Intelligence area of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), is a leading global provider of cybersecurity solutions.
The report for the last half of 2021 highlighted the brands that, during July, August and September, were most frequently imitated by cybercriminals in their attempts to steal personal information or payment credentials.
During the time referenced, as is customary in recent times, Microsoft continued its reign as the brand most frequently targeted by cybercriminals, albeit at a slightly slower pace. Twenty-nine percent of all phishing attempts were related to the tech giant, compared to 45% in the second quarter of 2021, proving that malicious agents continue to target vulnerable and distributed workforces.
Amazon replaced DHL in second place, counting 13% of all phishing attempts against 11% in the previous quarter. The trend of looking to take advantage of online shopping in the period before the holidays continued in this last quarter.
BUT: Check Point Software's report highlights the impact of cyber-crime around the world
The report also revealed that, for the first time this year, social networks are in the top 3 of the most imitated industries in phishing attack attempts, with WhatsApp, LinkedIn and Facebook appearing in the list of the 10 most imitated brands.
“Malicious agents are constantly trying to innovate their data theft attempts by posing as recognized brands. For the first time this year, social media has become one of the top three categories exploited by cybercriminals in a clear attempt to take advantage of the growing number of people working and communicating remotely in the wake of the pandemic,” he said. Omer Dembinsky, Data Research Group Manager at Check Point Software.
“Unfortunately, there isn't much these brands can do to help fight phishing attempts. Often, it is the human factor that fails to capture a poorly written domain, an incorrect date, or other suspicious detail in a text or email. As always, we encourage users to be cautious in disclosing their data, and to think twice about opening email attachments or links, especially on emails claiming to be from companies such as Amazon, Microsoft or DHL, the brands most likely to be imitated. Following the data we obtained from this last report, we also urge users to be vigilant when it comes to any emails or other communications that appear to be from social networks such as Facebook or WhatsApp”.
To inform you that in a brand phishing attack, criminals try to imitate the official website of a recognized brand using a domain name and design very similar to those found in the original. The fake website link can be sent by e-mail or text message, and the user can also be redirected to it during a simple web browsing or even through fraudulent mobile applications. The fake website often contains forms that aim to steal credentials, banking details or other personal information.
Below, the top brands sorted by how often they are used in brand phishing attempts:
1. Microsoft (accounted for 29% of all brand phishing attempts globally)
2. Amazon (13%)
3. DHL (9%)
4. Bestbuy (8%)
5. Google (6%)
6. WhatsApp (3%)
7. Netflix (2.6%)
8. LinkedIn (2.5%)
9. PayPal (2.3%)
10. Facebook (2.2%)
