Microsoft Is The Most Commonly Used Alias In Phishing Attacks 

Uploaded on 2024-01-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

According to research from CheckPoint, Microsoft held the top spot as the number one most impersonated brand, accounting for 33% of all brand phishing attempts in the last quarter of 2023. The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%.

Social networks and banking represented the other two most targeted industries. Consumer spending associated with the festive period saw cyber criminals continue to target retailers in Q4 2023. 

The widely recognised package delivery brand DHL moved into the top ten, possibly due to increased activity during the November shopping month, while Amazon’s ranking can largely be attributed to the annual Amazon Fall Prime Day sale that was scheduled during the second week of October. “While we have said goodbye to 2023, one thing has followed us into the new year and that is the threat of phishing... Even cyber criminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks” said Omer Dembinsky, Data Group Manager at Check Point Software.  

According to Dembinsky, the widespread use of AI by cyber criminals is leading to a higher volume of phishing campaigns tin 2024 that will be barely distinguishable from genuine company communications. 

“As the biggest names in technology, social networking and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand.” he said. 

The Top Ten Phishing Brands Exploited In 2023

Below are the top 10 brands ranked by their overall appearance in brand phishing events during Q4 2023: 

1.    Microsoft (33%)
2.    Amazon (9%)
3.    Google (8%)
4.    Apple (4%)
5.    Wells Fargo (3%)
6.    LinkedIn (3%)
7.    Home Depot (3%)
8.    Facebook (3%)
9.    Netflix (2%)
10.  DHL (2%)

Email Verification Scam

One notabe example of an Microsoft phishing email is one which appeas to be from 'the Microsoft account team' and claiming to require email address verification, calling on recipients to click a verification link.  It features a subject line "Microsoft: Verify your email address" aiming to create a sense of urgency. The email requests recipients to verify their email address and may potentially lead to fraudulent activities. This link is not associated with Microsoft.

The Brand Phishing Report from CheckPoint (linked Below) highlights the brands that were most frequently imitated by cyber criminals in their attempts to steal individuals’ personal information or payment credentials during October, November and December 2023.  

CheckPoint Brand Phishing Report:

You Might Also Read:

Phishing Attacks Surge As Cyber Criminals Exploit New AI Tools:

DIRECTORY OF SUPPLIERS - Brand Protection Online:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Cyber Attacks Hit Three English Councils At Once 
The British Library Gets Back Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Tripwire

Tripwire

Tripwire are a leading provider of risk-based security, compliance and vulnerability management solutions.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

National Digital Exploitation Centre (NDEC) - United Kingdom

National Digital Exploitation Centre (NDEC) - United Kingdom

NDEC is a project to create a centre of cyber and digital development and education for the UK. It will offer training in digital practices, cyber security and research.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

iSecurity Consulting

iSecurity Consulting

iSecurity delivers a complete lifecycle of digital protection services across the globe for public and private sector clients.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

NanoVMs

NanoVMs

NanoVMs is the industry's only unikernel platform available today. NanoVMs runs your applications as secure, isolated virtual machines faster than bare metal installs.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

SecAlliance

SecAlliance

SecAlliance is a cyber threat intelligence product and services company.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

Beacon Technology

Beacon Technology

Beacon Technology offers a comprehensive platform consisting of XDR, VMDR, and Breach and Attack simulation tools.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).