Yahoo Most Impersonated Brand in Q4 2022 Phishing Attacks

Rhea-AI Summary

Check Point Research has released its Brand Phishing Report for Q4 2022, revealing that Yahoo was the most impersonated brand, with 20% of phishing attempts. The report highlights a climb of 23 places for Yahoo, while DHL and Microsoft followed as the second and third most targeted brands, accounting for 16% and 11%, respectively. The report also includes examples of phishing emails targeting users of various platforms, such as Instagram and Microsoft Teams. The technology sector remained the most imitated industry, indicating significant risks for consumers as cybercriminals employ increasingly sophisticated tactics.

Positive

• Yahoo was the most impersonated brand, indicating high visibility and brand awareness.
• Check Point Research's findings highlight the company's expertise in cybersecurity measures.

Negative

• The rise in phishing attempts against major brands suggests increasing cybersecurity threats.

Check Point Research reports that Yahoo climbed 23 places in Q4 2022, while LinkedIn and FedEx returned to the top 10 list after dropping from the ranking in the previous quarter

SAN CARLOS, Calif., Jan. 23, 2023 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its Brand Phishing Report for Q4 2022. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during October, November and December of last year.

Yahoo was the most impersonated brand for phishing attacks during Q4 2022, climbing 23 places and accounting for 20% of all attempts. Check Point Research found cybercriminals distributing emails with subject lines that suggested a recipient had won awards or prize money from senders such as ‘Awards Promotion’ or ‘Award Center’. The content of the email informed the target that they had won prize money organized by Yahoo, worth hundreds of thousands of dollars. It asked the recipient to send their personal information and bank details, claiming to transfer the winning prize money to the account. The email also contained a warning that the target must not tell people about winning the prize because of legal issues.

In general, the technology sector was the industry most likely to be imitated by brand phishing in the last quarter of 2022, followed by shipping and social networks. DHL came in second place with 16% of all brand phishing attempts, ahead of Microsoft in the third spot with 11%. LinkedIn also returned to the list this quarter, reaching fifth place with 5.7%. DHL’s popularity could be due to the busy online shopping season surrounding Black Friday and Cyber Monday, with hackers using the brand to generate ‘fake’ deliveries notifications.

Omer Dembinsky, Data Group Manager at Check Point Software said: “We are seeing hackers trying to bait their targets by offering awards and significant amounts of money. Remember, if it looks too good to be true, it almost always is. You can protect yourself from a brand phishing attack by not clicking on suspicious links or attachments and by always checking the URL of the page you are directed to. Look for misspellings and do not volunteer unnecessary information.”

Top 10 Most Imitated Brands
Below are the top brands ranked by their overall appearance in brand phishing attempts:

1. Yahoo (20%)
   
2. DHL (16%)
   
3. Microsoft (11%)
   
4. Google (5.8%)
   
5. LinkedIn (5.7%)
   
6. WeTransfer (5.3%)
   
7. Netflix (4.4%)
   
8. FedEx (2.5%)
   
9. HSBC (2.3%)
   
10. WhatsApp (2.2%)

Instagram Phishing Email – Account Theft Example

CPR observed a malicious phishing email campaign that was sent from “badge@mail-ig[.]com”. The email was sent with the subject “blue badge form”, and the content tried to persuade the victim to click on a malicious link claiming that the victim’s Instagram account had been reviewed by the Facebook team (the owner of the Instagram brand) and deemed eligible for the Blue Badge.

Figure 1. Malicious email which contained the subject “blue badge form”

Figure 2: fraudulent login page https://www[.]verifiedbadgecenters[.]xyz/contact/

Microsoft Teams Phishing Email - Account Theft Example

In this Phishing email, Check Point Research found an attempt to steal a user’s Microsoft account information. The email was sent from the address “teamsalert_Y3NkIGpoY2pjc3dzandpM3l1ODMzM3Nuc2tlY25taXc@gmx[.]com[.]my“ under a fake sender’s name - “Teams” with the subject “you have been added to a new team”.

The attacker tries to lure the victim to click on the malicious link claiming that they have been added to a new team in the app. Choosing to confirm the collaboration leads to a malicious website “https://u31315517[.]ct[.]sendgrid[.]net/ls/click” which is no longer active.

Figure 3: The malicious email which contained the subject “you have been added to a new team”

Adobe Phishing Email - Account Theft Example

This phishing email, which uses Abode’s branding, was sent from the address “grupovesica@adobe-partner[.]com”, and its subject, originally in Spanish, read - “Activate your license! Take advantage of its benefits” (originally: “¡Activa tu licencia! Aprovecha sus beneficios”). In the email the victim is encouraged to contact experts to help utilize the application license.

Clicking the link in the email (“https://adobeconciergeservices[.]com/_elink/bfgkw374wekci/bcplw9h143poj/bdpip0zrm95o3”), opens a new draft message in Outlook addressed to a foreign email (not associated to Adobe), in which the user is asked to insert credit details and information for the “activation” of the license.

Figure 4: Adobe phishing email with the subject “Activate your license! Take advantage of its benefits”

Follow Check Point Research via:
Blog: https://research.checkpoint.com/ 
Twitter: https://twitter.com/cpresearch

About Check Point Research 
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. 

About Check Point Software Technologies Ltd.  
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cybersecurity solutions to corporate enterprises and governments globally. Check Point Infinity’s portfolio of solutions protects enterprises and public organisations from 5^th generation cyberattacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises four core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management; Check Point Horizon, a prevention-first security operations suite. Check Point protects over 100,000 organizations of all sizes.

MEDIA CONTACT:	INVESTOR CONTACT:
Emilie Beneitez Lefebvre	Kip E. Meintzer
Check Point Software Technologies	Check Point Software Technologies
press@checkpoint.com	ir@us.checkpoint.com

Photos accompanying this announcement are available at

https://www.globenewswire.com/NewsRoom/AttachmentNg/8d2e97f4-49fc-4989-9b6b-0e5232fde25e

https://www.globenewswire.com/NewsRoom/AttachmentNg/60fd68d5-0184-47ee-a4a3-c7fe18acea50

https://www.globenewswire.com/NewsRoom/AttachmentNg/5d6cdb2e-03ae-402a-83eb-f76b48235e8b

https://www.globenewswire.com/NewsRoom/AttachmentNg/7c860341-032a-42a9-8900-b8dd7f1a2bc9

FAQ

What does Check Point Research's Q4 2022 Brand Phishing Report indicate about phishing trends?

The report shows Yahoo as the most impersonated brand, followed closely by DHL and Microsoft, indicating escalating phishing threats.

What percentage of phishing attempts targeted Yahoo in Q4 2022?

Yahoo accounted for 20% of all phishing attempts reported in Q4 2022.

Which brands returned to the top 10 most imitated in Q4 2022?

LinkedIn and FedEx returned to the top 10 list, reflecting their increased targeting by cybercriminals.

What sectors are most affected by phishing attacks according to Check Point Research?

The technology sector was the most affected, followed by shipping and social networks.

How can individuals protect themselves from phishing attacks?

Check Point Research advises against clicking suspicious links and recommends verifying URLs along with being cautious about sharing personal information.