Microsoft most imitated brand of all phishing attacks: Report

Update: 2021-10-19 19:46 IST

Microsoft most imitated brand of all phishing attacks

New Delhi: In the third quarter, tech giant Microsoft stayed as leader of the most imitated brands at 29 per cent of all phishing attacks globally, albeit at a slower rate, down from 45 per cent in the second quarter of 2021, a report said on Tuesday.

According to Check Point Research (CPR), for the first time this year, social was among the top three sectors to be imitated in phishing attempts, with WhatsApp, LinkedIn and Facebook all appearing in the top 10 list of most imitated brands.

"For the first time this year, social channels have become one of the top three categories exploited by cyber criminals, no doubt in an attempt to take advantage of the increasing number of people working and communicating remotely in the wake of the pandemic," Omer Dembinsky, Data Research Group Manager at Check Point Software, said in a statement.

"Following the data from Q3, we'd also urge users to be vigilant when it comes to any emails or other communications that appear to be from social media channels such as Facebook or WhatsApp," Dembinsky added.

Amazon has replaced DHL in second position, accounting for 13 per cent of all phishing attempts versus 11 per cent in the previous quarter, as criminals look to take advantage of online shopping in the run-up to the holiday season.

The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals' personal information or payment credentials during July, August and September.

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site.

The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users' credentials, payment details or other personal information.

Tags:    

Similar News