Check Point published its Q3 Brand Phishing Report to bring to light the brands that are most commonly imitated by attackers to conduct phishing campaigns. The report brings forth data from July to September.
What are the findings?
Microsoft topped the list as 29% of all brand phishing attempts were related to the Redmond-based technology giant.
Other impersonated brands include Amazon (13%), DHL (9%), and Bestbuy (8%).
While technology was the most commonly imitated brand, social network—for the first time this year—was among the top three sectors to be imitated.
Why this matters
Cybercriminals are on the constant lookout for upgrading their attacks and making maximum profits by impersonating leading brands. The rising popularity of social media among attackers highlights the fact that criminals are taking advantage of people working remotely as a direct result of the pandemic.
Latest phishing events
The MirrorBlast campaign was found targeting financial services firms via phishing emails. The campaign is surmised to be conducted by TA505 and is active in the U.S., Europe, and Hong Kong.
An Android-based phishing campaign targeted Japanese telco customers. The threat actors built several domains to distribute a fake copy of a telecom provider’s Android app.
Earlier this month, APT28 was spotted conducting a spear-phishing campaign against 14,000 Gmail users. The attack was, however, unsuccessful and Google issued a warning to its users, especially journalists, officials, and activists.
The bottom line
Users are urged to be cautious while disclosing their personal data to websites and apps. It can be very easy to fail to pick up on a misspelled domain name or other suspicious details in emails and texts. Therefore, it is recommended that you double-check emails attachments or links. Also, stay vigilant while opening emails or links from unknown senders.