HomeWinBuzzer NewsMicrosoft Is the Most Phished Brand for the Fifth Quarter in a...

Microsoft Is the Most Phished Brand for the Fifth Quarter in a Row

VadeSecure has detected over 20,000 Microsoft-related phishing URLs in Q2 2019, making it easily the most imitated company.

-

VadeSecure's phishing report has named as the most impersonated brand for the fifth quarter in a row. The email defense company analyzes URLs to secure the data, with a massive 20,217 unique Microsoft URLs in 2019's second quarter.

That puts it significantly above PayPal, with Facebook close behind it after a recent uptick in attacks. Microsoft is a popular choice for scammers given its wide product range and use in the enterprise.

“To understand why Microsoft phishing has achieved a level of sustained dominance, consider the size and growth of . In its latest quarterly earnings, Microsoft reported more than 180 million active monthly Office 365 business users. Moreover, IDC estimates that Office 365 constitutes almost half (47.6%) of enterprise cloud email implementations worldwide,” explains VadeSecure.

Office 365 credentials are lucrative to phishers, with a single point of entry providing access to emails, OneDrive, images, SharePoint documents, and more. Attackers primarily use methods like fake forms or account deactivation warnings, emulating the Microsoft site by pulling its assets.

Lots of Attacks, Few Hits

We've reported on a number of phishing attacks in recent years, some of which exploit known bugs. As well as Microsoft, phishers have attacked Facebook, Spotify, and Gmail users.

However, Microsoft noted last year that though Office has a high rate of phishing attempts, the success rate is low. It's been active in pushing back against campaigns since 2017, adding a threat tracker tool and building in anti-spoof for ATP and Enterprise E5 customers.

Meanwhile, Facebook has seen a 175% increase in phishing URLs in Q2, taking it ahead of Netflix. It seems the app's single sign-on integration could be to blame for this, as attackers can compromise an account to see the other apps and services connected to it.

The data here, of course, doesn't include other forms of phishing, such as phonecalls. Microsoft is still a popular choice among spam callers, who attempt to gain access to a user's PC through software like TeamViewer.

Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News