Phishing attacks often try to attract those affected by posing as recognized companies, brands, and products. The purpose is to arouse interest, interest or even concern in recipients so that they are more likely to take the bait and fall into the scam.
Brand phishing on specific jobs by spoofing Internet sites from popular organizations or products through which attackers query to download login credentials or other sensitive data. A new report from cyber-risk data provider Check Point Research highlights some of the most fake brands detected during this quarter.
SEE: Zero Trust Security: A Cheat Sheet (Free PDF) (TechRepublic)
Check Point’s “Brand Impersonation Report for the Second Quarter of 2020,” released Tuesday, revealed that Google and Amazon were the most counterfeited brands in the last quarter, accounting for 13% of the brand identity spoofing campaigns analyzed. At the same time, Apple rose from first place in the first quarter of 2020 to seventh in the last quarter, representing only 2% of the brand phishing attacks observed.
Elsewhere on the list, WhatsApp and Facebook are tied for third place, accounting for 9% of branded phishing campaigns. Microsoft accounted for 7%, Outlook 3% and Netflix tied with Apple, Huawei and PayPal 2%. As far as industries are concerned, the most imitated was technology, followed by banking, then social media.
The list of the 10 most sensible counterfeit brands has been repositioned especially since the first quarter. Beyond Apple’s drop on the list, Google took the top spot when it wasn’t even on the list in the first quarter, while Amazon dropped from tenth to 1st place to a first-place draw. Why do I change from quarter to quarter?
“It’s hard to say, and in many cases we can only speculate,” Check Point knowledge studio manager Omer Dembinsky told TechRepublic. “Amazon’s rise, for example, would possibly be similar to the expansion of online grocery shopping to the COVID-19 pandemic, but for others it would possibly be more complicated to imply an express reason. Sometimes it’s enough to have some campaigns from risk actors to move a logo up or down the leaderboard.”
Among vectors or attack platforms, email accounted for 24% of the brand’s phishing campaigns, with Microsoft, Outlook and UniCredit being counterfeit highs. Web attacks accounted for 61%, with Google, Amazon and WhatsApp being counterfeit highs. And cell phone brands accounted for 15% of all attacks, with Facebook, WhatsApp and PayPal being the imitated highs.
Email phishing exploits rose to the moment position after third position in the last quarter. This replenishment is possibly caused by the easing of coronavirus restrictions through which companies began reopening and workers began to return to work, Check Point said.
In a branded phishing crusade detected through Check Point last June, attackers attempted to mimic Apple’s iCloud service connection page. Using the account-icloud.com domain call and registered under an IP address located in Russia, this attack attempted to borrow iCloud login information. In another crusade noticed in May, a fraudulent online page attempted to impersonate a PayPal login page. Using the paypol-login.com domain, this site was registered under an IP address in the United States.
For you and your organization of those types of branded phishing attacks, Check Point offers the following tips:
Lance Whitney is an independent generation editor and teacher and former IT professional. He has written for Time, CNET, PCMag and several other publications. He is the one with two technical books, one on Windows and the other on LinkedIn.