STOCK TITAN

Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary
Check Point Research (CPR) has published its Brand Phishing Report for Q2 2023, revealing that Microsoft, Google, and Apple are the top three most impersonated brands by cybercriminals. Microsoft accounted for 29% of all brand phishing attempts, followed by Google with 19% and Apple with 5%. The technology sector was the most impersonated, with banking and social media networks following closely.
Positive
  • The report provides valuable insights into the most frequently imitated brands by cybercriminals, highlighting the need for increased cybersecurity measures. Microsoft's top ranking indicates the severity of phishing attempts targeting the tech giant, shedding light on the evolving tactics used by cybercriminals.
  • The report's emphasis on the technology sector's vulnerability to brand phishing attacks offers important information for organizations and individuals to enhance their cybersecurity strategies and awareness.
Negative
  • The report lacks specific data on the financial impact of brand phishing attacks on the affected companies, limiting the comprehensive understanding of the potential economic repercussions.
  • While the report highlights the top impersonated brands, it does not provide detailed information on the specific phishing tactics employed by cybercriminals, which could offer valuable insights for cybersecurity professionals.

Check Point Research’s latest Brand Phishing Report reveals that three of the world's biggest technology companies have taken the top three spots this quarter as Google creeps up the list and Apple makes an appearance for the first time this year

SAN CARLOS, Calif., July 18, 2023 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP) and a leading provider of cyber security solutions globally, has published its Brand Phishing Report for Q2 2023. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during April, May and June 2023.

Last quarter global technology company Microsoft climbed up the rankings, moving from third place in Q1 2023 to top spot in Q2. The tech giant accounted for 29% of all brand phishing attempts. This may be partially explained by a phishing campaign that saw hackers targeting account holders with fraudulent messaging regarding unusual activity on their account. The report ranked Google in second place, accounting for 19% of all attempts and Apple in third, featuring in 5% of all phishing events during the last quarter. In terms of industry, the technology sector was the most impersonated, followed by banking and social media networks.

At the beginning of this year, CPR warned of an upward trend that saw phishing campaigns leveraging the finance industry, and this has continued over the last three months. For example, American banking organization Wells Fargo took fourth place this quarter due to a series of malicious emails requesting account information. Similar tactics were noted in other scams that imitated brands such as Walmart and LinkedIn, which also featured in this report's top ten list taking sixth and eighth place.

“While the most impersonated brands move around quarter to quarter, the tactics that cybercriminals use scarcely do. This is because the method of flooding our inboxes and luring us into a false sense of security by using reputable logos has proven successful time and time again” said Omer Dembinsky, Data Group Manager at Check Point Software.

“This is why we all must commit to stop and review, taking a moment before clicking on any link we don’t recognize. Does something feel off? Is there bad grammar or any language that is prompting an instant response? If so, this may be an indicator of a phishing email. For organizations worried about their own data and reputation, it is key that they take advantage of the right technologies that can effectively block these emails before they have chance to dupe a victim.”

In its latest Titan release R81.20, Check Point has also announced an inline security technology called ‘Zero Phishing’ was enhanced now with a new engine called Brand Spoofing Prevention, designed to stop brand impersonation and scaled to detect and block also local brands that are used as lures, in any language, any country, and it also prevents pre-emptively – as the engine recognized the fake domains on registration stage and blocks access to them. The solution uses an innovative AI-Powered engine, advanced Natural Language Processes and improved URL scanning capabilities to auto-inspect possible malicious attempts and block access to impersonated local and global brands across multiple languages and countries, resulting in a 40% higher catch rate than traditional technologies.

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and a web-page design that resembles the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

Top phishing brands in Q2 2023

Below are the top brands ranked by their overall appearance in brand phishing attempts:

  1. Microsoft (29%)
  2. Google (19.5%)
  3. Apple (5.2%)
  4. Wells Fargo (4.2%)
  5. Amazon (4%)
  6. Walmart (3.9%)
  7. Roblox (3.8%)
  8. LinkedIn (3%)
  9. Home Depot (2.5%)
  10. Facebook (2.1%)

Microsoft Phishing Email – Unusual Activity Example

In the second quarter of 2023, a phishing campaign targeted Microsoft account holders by sending fraudulent messages regarding unusual sign-in activity.

The campaign involved deceptive emails which were sent allegedly from inside the company with sender names such as “Microsoft on <company domain>”. The subject line of these phishing emails was "RE: Microsoft account unusual sign-in activity" and they claimed to have detected unusual sign-in activity on the recipient's Microsoft account. The emails provided details of the alleged sign-in, such as the country/region, IP address, date, platform and browser.

To address this supposed security concern, the phishing emails urged recipients to review their recent activity by clicking on a provided link which leads to malicious websites unrelated to Microsoft. The URLs used in the campaign, such as hxxps://online.canpiagn[.]best/configurators.html and hxxps://bafybeigbh2hhq6giieo6pnozs6oi3n7x57wn5arfvgtl2hf2zuf65y6z7y[.]ipfs[.]dweb[.] The link is currently inaccessible, but the assumption is that they were designed to steal user credentials or personal information, or to download malicious content onto the user’s device.

LinkedIn Phishing Email - Account Theft Example

During Q2 of 2023 a phishing email imitating LinkedIn, a professional networking platform, was identified. The email falsely claimed to be from “LinkedIn” and had the subject line "Revise PO June - Order Sheet." It aimed to deceive recipients into clicking on a malicious link by disguising it as a report. The phishing link (which is no longer active) in the email led to a suspicious website located at hxxps://amazonlbb[.]ajimport[.]com[.]br/china/newcodingLinkedin/index.html. Clicking on this link posed a risk of account theft and other malicious activities.

Wells Fargo Phishing Email - Account Verification Scam

During Q2 of 2023 a phishing email campaign impersonating Wells Fargo, a prominent financial institution, was observed. The email was sent from the address "29@9bysix[.]co[.]za" and appeared to be from “Wellsfargo Online”. It had the subject line "Verification Required" and aimed to trick recipients into providing their account information by claiming that certain details were missing or incorrect.

The phishing email included malicious link (no longer active): hxxps://vmi1280477[.]contaboserver[.]net/pyfdwqertfdswwrty/wells/main[.]html. The link led to a malicious website where users were prompted to enter their account credentials, potentially resulting in unauthorized access or account compromise.

Walmart Phishing Email - False Gift Card Offer

In Q2 of 2023 a phishing email campaign impersonating Walmart, a retail company, was detected. The email was sent from the address “info@chatpood[.]info” and had the subject line "Walmart eGift Card Waiting." The purpose of this fraudulent email was to deceive recipients by offering them a $500 Walmart Gift Card as a token of appreciation for their loyalty. The phishing email contained malicious link: hxxps://cloud[.]appsmtpmailers[.]com. Clicking on these links would redirect users to a fraudulent webpage where they would be asked to provide personal information such as their name and email address, to verify eligibility. Currently this site is inactive.

Follow Check Point Research via:
Blog: https://research.checkpoint.com/ 
Twitter: https://twitter.com/_cpresearch_ 

About Check Point Research 
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. 

About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to corporate enterprises and governments globally. Check Point Infinity's portfolio of solutions protects enterprises and public organizations from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises three core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management. Check Point protects over 100,000 organizations of all sizes.

MEDIA CONTACT:INVESTOR CONTACT:
Emilie Beneitez LefebvreKip E. Meintzer
Check Point Software TechnologiesCheck Point Software Technologies
press@checkpoint.comir@us.checkpoint.com

FAQ

What are the top three most impersonated brands by cybercriminals in Q2 2023 according to Check Point Research's Brand Phishing Report?

According to Check Point Research's Brand Phishing Report for Q2 2023, the top three most impersonated brands are Microsoft, Google, and Apple.

Which industry was the most impersonated in terms of brand phishing attempts in Q2 2023?

The technology sector was the most impersonated, followed by banking and social media networks, according to Check Point Research's Brand Phishing Report for Q2 2023.

What insights does the report offer for organizations and individuals regarding cybersecurity measures?

The report provides valuable insights into the most frequently imitated brands by cybercriminals, highlighting the need for increased cybersecurity measures and awareness to combat brand phishing attacks.

Check Point Software Technologies Ltd

NASDAQ:CHKP

CHKP Rankings

CHKP Latest News

CHKP Stock Data

19.13B
109.98M
22.64%
73.03%
3.02%
Software - Infrastructure
Technology
Link
United States of America
Tel Aviv