Cloudflare Uses the Power of its Global Network to Identify the Top 50 Most Impersonated Brands and Protect Zero Trust Customers From Phishing Scams

By Business Wire On Mar 13, 2023

AT&T, PayPal, and Microsoft top the list of most impersonated brands in phishing attempts
Most targeted industries include Finance, Technology, and Telecom for phishing scammers
New anti-phishing protections in Cloudflare One block the tricks phishers use to confuse end-users

Cloudflare, Inc., the security, performance, and reliability company helping to build a better Internet, published a global report on the Top 50 Brands Used in Phishing Attacks. Nearly 20% of all websites are protected by Cloudflare’s global network and its email security offering stopped 2.3 billion unwanted emails from hitting inboxes in 2022. As a result, Cloudflare’s machine learning and data analysis give it unique insight into the phishing domains most frequently clicked on by Internet users and the ability to proactively protect its Zero Trust customers.

“Phishing” refers to an attempt to steal sensitive information like usernames, passwords, credit card numbers, bank and crypto account information, or other important data in order to utilize or sell the stolen information. Today, phishing is the fastest growing Internet crime, and a threat to both consumers and businesses. By masquerading as a reputable source – sometimes with an enticing request, other times with a severe consequence – an attacker lures in the victim in order to trick them, similarly to how a fisherman uses bait to catch a fish. Oftentimes, these attempts come in the form of an email, text message, or mistyped website URL that looks like it’s from a well-known brand, but is actually a malicious party.

“Phishing attacks prey on our trust in the brands we love and use everyday, and are becoming more difficult to spot for even the most digitally-savvy person. Our sanity, bank accounts, and passwords shouldn’t be compromised because we glossed over a misspelled ‘from’ field or accidentally clicked on an obscure URL,” said Matthew Prince, co-founder and CEO, Cloudflare. “We’ve extended our Zero Trust services with real-time protection against new phishing sites, so our customers won’t fall victim to attacks leveraging the brands they trust.”

Marketing Technology News: MarTech Interview with Doug Huntington, CEO at FatTail

Most Impersonated Brand of 2022: AT&T Inc.

The top 50 brands most commonly impersonated by phishing URLs are:

1.	AT&T Inc.	26.	Coinbase Global, Inc.
2.	PayPal	27.	Banco Bradesco S.A.
3.	Microsoft	28.	Caixa Econômica Federal
4.	DHL	29.	JCB Co., Ltd.
5.	Facebook (Meta)	30.	ING Group
6.	Internal Revenue Service	31.	HSBC Holdings plc
7.	Oath Holdings/Verizon	32.	Netflix Inc
8.	Mitsubishi UFJ NICOS Co., Ltd.	33.	Sumitomo Mitsui Banking Corporation
9.	Adobe	34.	Nubank
10.	Amazon	35.	Bank Millennium SA
11.	Apple	36.	National Police Agency Japan
12.	Wells Fargo & Company	37.	Allegro
13.	eBay, Inc.	38.	InPost
14.	Swiss Post	39.	Correos
15.	Naver	40.	FedEx
16.	Instagram (Meta)	41.	Microsoft
17.	WhatsApp (Meta)	42.	United States Postal Service
18.	Rakuten	43.	Alphabet
19.	East Japan Railway Company	44.	The Bank of America Corporation
20.	American Express Company	45.	Deutscher Paketdienst
21.	KDDI	46.	Banco Itaú Unibanco S.A.
22.	Office365 (Microsoft)	47.	Steam
23.	Chase Bank	48.	Swisscom AG
24.	AEON	49.	LexisNexis
25.	Singtel Optus Pty Limited	50.	Orange S.A.

Cloudflare found that finance, technology, and telecom brands were the most commonly impersonated industries, notably for the unprecedented access and financial benefit that bank accounts, email and social media, and phone companies can give attackers. Technology and telecom companies are a unique threat because phishing attacks can intercept the emails and text messages that are used to verify a user’s identity via two-factor authentication. Therefore, these phishing attempts can lead to other accounts being compromised as well.

New Anti-Phishing Protections with Cloudflare One

Today, Cloudflare also announced new capabilities to provide customers the most comprehensive and effective phishing protection available. Building on Cloudflare Area1’s recent launch of advanced Zero Trust email security tools, customers can now automatically and immediately identify and block “confusable” domains to better protect their corporate networks. This offering can help protect against phishing attacks similar to the one that threatened Cloudflare and 100 other companies last summer, when attackers created the misleading “cloudflare-okta.com” domain just 40 minutes before sending it to employees. Using Cloudflare Gateway, customers can create zero trust rules that prevent their employees from resolving or browsing to these “confusable” or lookalike domains.

Report Methodology

To generate the report, Cloudflare used 1.1.1.1 DNS resolver resolution data to find the domains associated with phishing URLs that were most commonly clicked. All domains that are used for shared services (like hosting sites Google, Amazon, and GoDaddy) that could not be verified as a phishing attempt were removed from the data set.

Marketing Technology News: Social Media Strategies for Customer Engagement Success: How to Meet Consumers Where They Are in…