Social Now Among Top Three Sectors to be Imitated in Phishing Attempts in Q3 2021
Check Point Research has released its Q3 2021 Brand Phishing Report, identifying the brands frequently targeted by cybercriminals. Microsoft was the most imitated brand, accounting for 29% of phishing attempts, down from 45% in Q2 2021. Amazon followed with 13%, overtaking DHL, which now sits at 9%. Notably, WhatsApp, LinkedIn, and Facebook entered the top three sectors exploited in phishing attempts. The report warns users to be cautious when sharing personal data, especially regarding emails from popular brands.
- Microsoft's phishing attempts decreased from 45% to 29%, indicating improved security measures.
- Amazon's rise to 13% reflects strong brand recognition and potential user engagement.
- Phishing attempts targeting Microsoft remain high at 29%, signaling ongoing vulnerabilities.
- The emergence of social media brands in phishing attempts indicates a shift in cybercriminal tactics.
Check Point Research issues Q3 Brand Phishing Report, highlighting the leading brands that hackers imitated in attempts to lure people into giving up personal data
SAN CARLOS, Calif., Oct. 19, 2021 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its new Brand Phishing Report for Q3 2021. The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September.
In Q3, Microsoft continued its reign as the brand most frequently targeted by cybercriminals, albeit at a slightly lower rate. Twenty-nine percent of all brand phishing attempts were related to the technology giant, down from
The report also reveals that, for the first time this year, social was among the top three sectors to be imitated in phishing attempts, with WhatsApp, LinkedIn and Facebook all appearing in the top ten list of most imitated brands.
“Threat actors are constantly trying to innovate their attempts to steal peoples’ personal data by impersonating leading brands. For the first time this year, social channels have become one of the top three categories exploited by cybercriminals, no doubt in an attempt to take advantage of the increasing number of people working and communicating remotely in the wake of the pandemic,” said Omer Dembinsky, Data Research Group Manager at Check Point Software. “Unfortunately, there’s only so much these brands can do to help combat phishing attempts. So often, it’s the human element that often fails to pick up on a misspelt domain, an incorrect date, or another suspicious detail in a text or email. As always, we encourage users to be cautious when divulging their data, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as Amazon, Microsoft or DHL as they are the most likely to be imitated. Following the data from Q3, we’d also urge users to be vigilant when it comes to any emails or other communications that appear to be from social media channels such as Facebook or WhatsApp.”
In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.
Top phishing brands in Q3 2021
Below are the top brands ranked by their overall appearance in brand phishing attempts:
- Microsoft (related to
29% of all phishing attacks globally) - Amazon (
13% ) - DHL (
9% ) - Bestbuy (
8% ) - Google (
6% ) - WhatsApp (
3% ) - Netflix (
2.6% ) - LinkedIn (
2.5% ) - Paypal (
2.3% ) - Facebook (
2.2% )
Google Phishing Email - Credentials Theft Example
During this quarter, we witnessed a malicious phishing mail that was trying to steal access credentials to a Google account. The email, which was sent from the email address Google (no-reply@accounts[.]google[.]com), contained the subject “Help strengthen the security of your Google Account”. In the following fraudulent email we notice the year wasn’t changed (“2020 Google”). The attacker was trying to lure the victim to click on a malicious link (http://router-ac1182f5-3c35-4648-99ab-275a82a80541[.]eastus[.]cloudapp[.]azure[.]com) which redirects the user to a fraudulent malicious login page that looks like the real Google login website. In the malicious link, the user needed to enter their Google account details.
LinkedIn Phishing Email - Account Theft Example
In this phishing email, we see an attempt to steal a user’s LinkedIn account information. The email which was sent from the email address Linkedln (linkedin@connect[.]com), contained the subject “You have a new Linkedln business invitation from *****”. The attacker was trying to lure the victim to click on a malicious link, which redirects the user to a fraudulent LinkedIn login page. In the malicious link (https://www[.]coversforlife[.]com/wp-admin/oc/nb/LinkedinAUT/login[.]php), the user needed to enter their username and their password. On the fraudulent website we can see that the year wasn’t changed (“2020 LinkedIn”).
As always, we encourage users to be cautious when divulging personal data and credentials to business applications or websites, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as Amazon, Microsoft or DHL, as they are the most likely to be impersonated.
Follow Check Point Research via:
Blog: https://research.checkpoint.com/
Twitter: https://twitter.com/_cpresearch_
About Check Point Research
Check Point Research (CPR) provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point solutions are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to corporate enterprises and governments globally. Check Point Infinity´s portfolio of solutions protects enterprises and public organisations from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises three core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management. Check Point protects over 100,000 organizations of all sizes.
| MEDIA CONTACT: | INVESTOR CONTACT: |
| Laura Martinez Hidalgo | Kip E. Meintzer |
| Check Point Software Technologies | Check Point Software Technologies |
| press@checkpoint.com | ir@us.checkpoint.com |
FAQ
What brands are most targeted in phishing attempts according to Check Point's Q3 report?
How has the rate of phishing attempts against Microsoft changed in Q3 2021?
Which new sector has entered the top three for phishing attempts?
What should users do to protect themselves from phishing attempts?
What does Check Point's Brand Phishing Report indicate about online security trends?
