A study by Check Point Research recently published which brands are most used by cybercriminals in their phishing attempts – such as stealing personal information or payment credentials. As in the last report, LinkedIn continues to be at the top of the list – although its share has declined slightly – from 52% in the first quarter to 45% in the second quarter. Social networks continue to be the most imitated category, followed by technology.
The most outstanding increase among technologies exploited for phishing was Microsoft. In the last quarter, Microsoft accounted for 13% of all Brand Phishing attempts, more than double the amount recorded in the quarter previous. DHL, with 12%, moved to third position.
Phishing campaigns that were based on the social network LinkedIn mimicked the platform's communication style with malicious emails using subjects such as: “Appears in 8 searches this week” or “Has a new message” or “I would like to do business with you through LinkedIn”. Although they appeared to come from LinkedIn, they used a completely different email address than the brand.
“Phishing emails are a prominent tool in every hacker's arsenal as they are quick to implement and can reach millions of users at a relatively low cost,” says Omer Dembinsky, Data Research Group Manager at Check Point Software. “These attacks give cybercriminals the opportunity to take advantage of the reputation of trusted brands to give users a false sense of security that can be exploited to steal personal or business information for financial gain”, he adds.
In the top 10 of the most frequently searched brands for phishing in the second quarter of this year, Adidas, Adobe and HSBC entered for the first time.
If your company has not yet implemented the International Information Security Standard, please download our Ebook now and learn more about this service to improve your business.