Cybersecurity firm Check Point Research has published a report detailing the companies and brands hackers will imitate the most. Bad actors often imitate legitimate companies to trick victims into handing over personal information or access to a system. According to the company, Microsoft is the most imitated brand.
In its quarterly brand phishing report, Check Point says during June, July, and August of this year, Microsoft was the most frequently imitated brand. It seems cybercriminals use the Redmond giant more than rivals like Google, Apple, and Amazon.
Of course, this is not good news, but it does make some sense. Microsoft services such as Windows, Azure, and Office are most driven towards enterprise. Hackers are more likely to target organizations than they are individual consumers.
That said, it seems attackers took more of an interest in Microsoft during the third quarter. Through the second quarter, the company was the fifth most imitated brand. By the last quarter, the company took a 19% of all global phishing attacks.
Next on the list may be a surprising name. Parcel company DHL took 9% of all phishing attacks, the same percentage as Google. Rounding out the top 10 were PayPal, Netflix, Facebook, Apple, WhatsApp, Amazon, and Instagram.
Attacks
It seems email phishing is the preferred attack method, with 44% of all phishing attacks going through mail. Web phishing was next with 43%. It is clear these two attack vectors should be the biggest focus for tech companies.
Microsoft, DHL, and Apple were the most targeted through email, while Microsoft, Google, and PayPal were most targeted through web phishing.
Check Point says attackers are willing to spread themselves to find victims:
“The most likely industry to be targeted by brand phishing was technology, followed by banking and then social network. This illustrates a broad spread of some of the best-known and most used consumer sectors, particularly during the coronavirus pandemic, whereby individuals are grappling with remote working technology, potential changes to finances, and an increased use of social media.”
Back in 2019, Cisco published a report that showed Microsoft Office takes more phishing attacks than any other service. Kaspersky Lab has also said Office 365 is the main target of phishing campaigns. The security firm says 70 percent of all attacks are targeted at Office.