Check Point Research issues Q4 Brand Phishing Report, highlighting the leading brands that hackers imitated in attempts to lure people into giving up personal data
Check Points latest Brand Phishing Report for Q4 2021 highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during October, November and December 2021.
In Q4, global logistics and distribution company DHL ended Microsoft’s long-standing reign as the brand most frequently imitated by cybercriminals in attempts to steal credentials or deploy malware via sophisticated phishing techniques. Twenty-three percent of all brand phishing attempts were related to DHL, up from just 9% in the previous quarter. The Microsoft brand, meanwhile, only accounted for 20% of all phishing attempts in Q4 versus 29% in Q3. FedEx also appeared in the top ten list for the first time in Q4 2021, no doubt the result of threat actors trying to target vulnerable online shoppers in the run-up to the festive season as the pandemic remained a key concern.
Their latest Q4 report also reinforced the continued imitation of social media brands in phishing scams, with WhatsApp coming third behind DHL and Microsoft in a global list of top targeted brands. The social messaging app, owned by Facebook, moved from 6th position to 3rd, representing 11% of all phishing attempts worldwide.
In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.
Top phishing brands in Q4 2021
Below are the top brands ranked by their overall appearance in brand phishing attempts:
- DHL (related to 23% of all phishing attacks globally)
- Microsoft (20%)
- WhatsApp (11%)
- Google (10%)
- LinkedIn (8%)
- Amazon (4%)
- FedEx (3%)
- Roblox (3%)
- Paypal (2%)
- Apple (2%)
With thanks to the Cyber Defence Alliance and Checkpoint. The full story is here: https://blog.checkpoint.com/2022/01/17/dhl-replaces-microsoft-as-most-imitated-brand-in-phishing-attempts-in-q4-2021/
Request A Demo: Security Awareness Training
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW