Microsoft has been labelled as the most impersonated brand for phishing scams last quarter, being used in nearly three out of 10 scam attempts.
According to the threat intelligence arm of Check Point Software Technologies, Check Point Research, and its Brand Phishing Report for the second quarter of 2023, Microsoft branding was used in 29 per cent of all phishing attempts over the three-month period.
Google came in second place with 19 per cent and Apple placed third with 5 per cent. In terms of other global technology brands, Amazon ranked fifth with 4 per cent, video game platform Roblox was seventh with 3.8 per cent, LinkedIn was eighth with 3 per cent and Facebook rounded out the top 10 with 2.1 per cent.
The remaining places went to American businesses — bank Wells Fargo was fourth with 4.2 per cent, shopping retailer Walmart was sixth with 3.9 per cent and home improvement chain Home Depot was ninth with 2.5 per cent.
“While the most impersonated brands move around quarter to quarter, the tactics that cyber criminals use scarcely do. This is because the method of flooding our inboxes and luring us into a false sense of security by using reputable logos has proven successful time and time again.” said Omer Dembinsky, data group manager at Check Point Software.
“This is why we all must commit to stop and review, taking a moment before clicking on any link we don’t recognise. Does something feel off? Is there bad grammar or any language that is prompting an instant response? If so, this may be an indicator of a phishing email. For organisations worried about their own data and reputation, it is key that they take advantage of the right technologies that can effectively block these emails before they have chance to dupe a victim.”
Check Point Research’s brand phishing analysis for the quarter comes a month after Identity Defined Security Alliance declared phishing as 2022’s most common type of identity-related incident.