Microsoft Is The Most Commonly Used Alias In Phishing Attacks 

According to research from CheckPoint, Microsoft held the top spot as the number one most impersonated brand, accounting for 33% of all brand phishing attempts in the last quarter of 2023. The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%.

Social networks and banking represented the other two most targeted industries. Consumer spending associated with the festive period saw cyber criminals continue to target retailers in Q4 2023. 

The widely recognised package delivery brand DHL moved into the top ten, possibly due to increased activity during the November shopping month, while Amazon’s ranking can largely be attributed to the annual Amazon Fall Prime Day sale that was scheduled during the second week of October. “While we have said goodbye to 2023, one thing has followed us into the new year and that is the threat of phishing... Even cyber criminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks” said Omer Dembinsky, Data Group Manager at Check Point Software.  

According to Dembinsky, the widespread use of AI by cyber criminals is leading to a higher volume of phishing campaigns tin 2024 that will be barely distinguishable from genuine company communications. 

“As the biggest names in technology, social networking and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand.” he said. 

The Top Ten Phishing Brands Exploited In 2023

Below are the top 10 brands ranked by their overall appearance in brand phishing events during Q4 2023: 

1.    Microsoft (33%)
2.    Amazon (9%)
3.    Google (8%)
4.    Apple (4%)
5.    Wells Fargo (3%)
6.    LinkedIn (3%)
7.    Home Depot (3%)
8.    Facebook (3%)
9.    Netflix (2%)
10.  DHL (2%)

Email Verification Scam

One notabe example of an Microsoft phishing email is one which appeas to be from 'the Microsoft account team' and claiming to require email address verification, calling on recipients to click a verification link.  It features a subject line "Microsoft: Verify your email address" aiming to create a sense of urgency. The email requests recipients to verify their email address and may potentially lead to fraudulent activities. This link is not associated with Microsoft.

The Brand Phishing Report from CheckPoint (linked Below) highlights the brands that were most frequently imitated by cyber criminals in their attempts to steal individuals’ personal information or payment credentials during October, November and December 2023.  

CheckPoint Brand Phishing Report:

You Might Also Read:

Phishing Attacks Surge As Cyber Criminals Exploit New AI Tools:

DIRECTORY OF SUPPLIERS - Brand Protection Online:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Cyber Attacks Hit Three English Councils At Once 
The British Library Gets Back Online »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

European Internet Forum (EIF)

European Internet Forum (EIF)

EIF’s mission is to help provide European political leadership for the political, economic and social challenges of the worldwide digital transformation.

Quotium

Quotium

Quotium provides automated testing technologies to make business software applications secure and robust.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

ZeroNorth

ZeroNorth

ZeroNorth provides a new approach to improve software and infrastructure security, simplify continuous compliance reporting and to create more cost-effective risk management programs.

Risk Ledger

Risk Ledger

Risk Ledger is improving the security of the global supply chain ecosystem, reducing the number of data breaches experienced through supply chain attacks by companies and consumers alike.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

LogicBoost Labs

LogicBoost Labs

LogicBoost Labs has the expertise, experience, funding and connections to make your startup succeed. We are always interested in new ways to change the world for the better.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.

Cyber Advisors

Cyber Advisors

Cyber Advisors offers customizable cyber security solutions and IT services for businesses of all sizes across the nation from experts you can trust.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.

Prefactor

Prefactor

Prefactor was built because the problem of authenticating and authorizing users continues to be a battle engineers face globally.