Check Point Research, a global cybersecurity solutions provider, has published its Brand Phishing Report for Q3 2020. In its previous report, for Q2 2020, Google and Amazon were on the list of the most impersonated brands. However, with organizations widely adopting Microsoft for the collaboration features of its Office suite, it has now become a favorite of cybercriminals too: the report names it the “Most Imitated Brand for Phishing Attacks.”
Microsoft’s Rise to the Top
In the Q3 2020 report, the tech giant rose from fifth place (7% of all global brand phishing attempts) to the top of the table (19% of the overall share). Check Point researchers attribute this sudden rise to the continued growth of the remote workforce during the ongoing pandemic.
Threat actors are taking advantage of the mass migration to a remote workforce. They are targeting employees with fake emails asking them to reset their Microsoft Office 365 credentials.
Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point said, “In this past quarter, we saw the highest increase in email phishing attacks of all platforms compared to Q2, with Microsoft being the most impersonated brand. This has been driven by threat actors taking advantage of the mass migration to remote working forced by the Covid-19 pandemic, to target employees with fake emails asking them to reset their Microsoft Office 365 credentials. As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to be from companies, such as Microsoft or Google, who are most likely to be impersonated.”
According to Check Point researchers, the Microsoft phishing emails aim to steal credentials. In mid-August, they observed a phishing email attempting to steal Microsoft account credentials. The attacker tried to lure the victim into clicking a malicious link that redirects the user to a fraudulent Microsoft login page.
Another surprise on this list was DHL, a first-time entrant for 2020. It entered the top 10 in second place, with 9% of all phishing attempts related to the company. The top phishing brands in Q3 2020, ranked by their overall appearance in brand phishing attempts, are:
- Microsoft (related to 19% of all brand phishing attempts globally)
- DHL (9%)
- Google (9%)
- PayPal (6%)
- Netflix (6%)
- Facebook (5%)
- Apple (5%)
- WhatsApp (5%)
- Amazon (4%)
- Instagram (4%)
In other findings from the research, the industry most likely to be targeted by brand phishing is technology, with banking and social networks following closely. This illustrates a broad spread across some of the best-known and most-used consumer sectors, particularly during the COVID-19 pandemic, in which individuals are grappling with remote working technology, potential changes to finances, and increased use of social media.
Top phishing brands by platform
During Q3 2020, email phishing was the most prominent type of brand phishing platform, accounting for 44% of the attacks, followed by web and mobile phishing. The top phishing brands exploited by email, web, and mobile phishing attacks are displayed below in ascending order.
Email (44% of all phishing attacks during Q3)
Web (43% of all phishing attacks during Q3)
Mobile (12% of all phishing attacks during Q3)