[ad_1]
Check Point Research, the threat intelligence arm of Check Point Software Technologies Ltd., a recognized global cybersecurity solutions provider, has released its new Brand Impersonation Report for Q3 2020. The report highlights the brands that were most frequently imitated by criminals in their attempts. to steal personal information or payment credentials from individuals during July, August and September.
In Q3, Microsoft was the brand most frequently attacked by cybercriminals, moving from fifth place (relative to 7% of all brand phishing attempts globally in Q2 2020) to the top of the ranking. 19% of all brand phishing attempts related to the tech giant, as threat actors sought to capitalize on a large number of employees still working remotely during the COVID-19 pandemic.
Remote work technology
In the last quarter, we saw the largest increase in email phishing attacks of all platforms compared to the second quarter. “
For the first time in 2020, DHL entered the top 10 of the rankings, ranking second with 9% of all company-related phishing attempts. The industry most likely to be targeted for brand phishing was technology, followed by banking and then social media.
This illustrates a wide spread of some of the best-known and most-used consumer sectors, particularly during the coronavirus pandemic, in which people are grappling with remote work technology, potential changes in finances, and increased use of social networks.
Email phishing attacks
Maya Horowitz, Director, Intelligence and Threat Research, Check Point Products said: “In the last quarter, we saw the largest increase in email phishing attacks of all platforms compared to the second quarter, with Microsoft being the most impersonated brand. This has been driven by threat actors taking advantage of the massive migration to remote work forced by the COVID-19 pandemic, to attack employees with fake emails asking them to reset their Microsoft Office 365 credentials. “
“As always, we encourage users to be cautious when disclosing personal data and credentials to commercial applications, and to think twice before opening links or email attachments, especially emails that claim to be from companies, such as Microsoft or Google, that they are more likely to be supplanted. “
Fraudulent cell phone request
The fake website often contains a form intended to steal users’ credentials, payment details, or other personal information.
In a brand phishing attack, criminals attempt to imitate the official website of a known brand using a domain name or URL and web page layout similar to the original site. The fake website link can be sent to specific people via email or text message, it can be redirected to a user during web browsing, or it can be triggered from a rogue cell phone app. The fake website often contains a form intended to steal users’ credentials, payment details, or other personal information.
The top brands are ranked based on their overall appearance in brand phishing attempts:
- Microsoft (related to 19% of all brand phishing attempts globally)
- DHL (9%)
- Google (9%)
- PayPal (6%)
- Netflix (6%)
- Facebook (5%)
- Apple (5%)
- Whatsapp (5%)
- Amazon (4%)
- Instagram (4%)
Top Phishing Brands by Platform
During the third quarter of 2020, email phishing was the most prominent type of branded phishing platform, accounting for 44% of attacks, followed closely by web phishing, which was the second most attacked platform compared to the second quarter, where it ranked first. The top phishing brands exploited by email phishing attacks were Microsoft, DHL, and Apple, in that order.
- Email (44% of all phishing attacks during Q3)
- Web (43% of all phishing attacks during Q3)
- Cell phone (12% of all phishing attacks during the third quarter)
Enter your billing information
- Example A: Microsoft spoofing email aims to steal credentials
In mid-August, Check Point researchers witnessed a malicious phishing email that attempted to steal the credentials of Microsoft accounts. The attacker was trying to entice the victim to click on a malicious link that redirects the user to a fraudulent Microsoft login page.
- Example B: Amazon phishing email attempts to steal credential information
During September, Check Point researchers noticed a malicious phishing email that was allegedly sent by Amazon and was trying to steal the user’s credit information. The email stated that the user’s account was disabled due to too many login failures and pointed the user to a fraudulent Amazon billing center website instructing the user to enter billing information.
Threat sensors
The Check Point Impersonation Report is based on ThreatCloud intelligence from Check Point, one of the largest collaborative networks to combat cybercrime, delivering threat data and attack trends from a global network of threat sensors. . The ThreatCloud database contains more than 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and more than 5.5 million infected websites and identifies millions of types of malware on a daily basis.
