Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023

Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023

Check Point Research’s latest Brand Phishing Report reveals that three of the world’s biggest technology companies have taken the top three spots this quarter as Google creeps up the list and Apple makes an appearance for the first time this year

Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies Ltd. and a leading provider of cyber security solutions globally, has published its Brand Phishing Report for Q2 2023. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during April, May and June 2023.

Last quarter global technology company Microsoft climbed up the rankings, moving from third place in Q1 2023 to top spot in Q2. The tech giant accounted for 29% of all brand phishing attempts. This may be partially explained by a phishing campaign that saw hackers targeting account holders with fraudulent messaging regarding unusual activity on their account. The report ranked Google in second place, accounting for 19% of all attempts and Apple in third, featuring in 5% of all phishing events during the last quarter. In terms of industry, the technology sector was the most impersonated, followed by banking and social media networks.

At the beginning of this year, CPR warned of an upward trend that saw phishing campaigns leveraging the finance industry, and this has continued over the last three months. For example, American banking organization Wells Fargo took fourth place this quarter due to a series of malicious emails requesting account information. Similar tactics were noted in other scams that imitated brands such as Walmart and LinkedIn, which also featured in this report’s top ten list taking sixth and eighth place.

Marketing Technology News: Precisely Honored With Drexel LeBow Analytics 50 Award for Innovation in Data Integrity

“While the most impersonated brands move around quarter to quarter, the tactics that cybercriminals use scarcely do. This is because the method of flooding our inboxes and luring us into a false sense of security by using reputable logos has proven successful time and time again” said Omer Dembinsky, Data Group Manager at Check Point Software.

“This is why we all must commit to stop and review, taking a moment before clicking on any link we don’t recognize. Does something feel off? Is there bad grammar or any language that is prompting an instant response? If so, this may be an indicator of a phishing email. For organizations worried about their own data and reputation, it is key that they take advantage of the right technologies that can effectively block these emails before they have chance to dupe a victim.”

In its latest Titan release R81.20, Check Point has also announced an inline security technology called ‘Zero Phishing’ was enhanced now with a new engine called Brand Spoofing Prevention, designed to stop brand impersonation and scaled to detect and block also local brands that are used as lures, in any language, any country, and it also prevents pre-emptively – as the engine recognized the fake domains on registration stage and blocks access to them. The solution uses an innovative AI-Powered engine, advanced Natural Language Processes and improved URL scanning capabilities to auto-inspect possible malicious attempts and block access to impersonated local and global brands across multiple languages and countries, resulting in a 40% higher catch rate than traditional technologies.

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and a web-page design that resembles the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

Marketing Technology News: Interview with Sean Adams, Global Insights Director at Brand Metrics Featuring Jade Power, Director of Digital Monetisation at National World

Top phishing brands in Q2 2023

Below are the top brands ranked by their overall appearance in brand phishing attempts:

  1. Microsoft (29%)
  2. Google (19.5%)
  3. Apple (5.2%)
  4. Wells Fargo (4.2%)
  5. Amazon (4%)
  6. Walmart (3.9%)
  7. Roblox (3.8%)
  8. LinkedIn (3%)
  9. Home Depot (2.5%)
  10. Facebook (2.1%)

Microsoft Phishing Email – Unusual Activity Example

In the second quarter of 2023, a phishing campaign targeted Microsoft account holders by sending fraudulent messages regarding unusual sign-in activity.

The campaign involved deceptive emails which were sent allegedly from inside the company with sender names such as “Microsoft on <company domain>”. The subject line of these phishing emails was “RE: Microsoft account unusual sign-in activity” and they claimed to have detected unusual sign-in activity on the recipient’s Microsoft account. The emails provided details of the alleged sign-in, such as the country/region, IP address, date, platform and browser.

LinkedIn Phishing Email – Account Theft Example

During Q2 of 2023 a phishing email imitating LinkedIn, a professional networking platform, was identified. The email falsely claimed to be from “LinkedIn” and had the subject line “Revise PO June – Order Sheet.” It aimed to deceive recipients into clicking on a malicious link by disguising it as a report.

Marketing Technology News: Harness the Potential of Connectivity for Enhanced B2B Interaction

Wells Fargo Phishing Email – Account Verification Scam

During Q2 of 2023 a phishing email campaign impersonating Wells Fargo, a prominent financial institution, was observed. The email was sent from the address “29@9bysix[.]co[.]za” and appeared to be from “Wellsfargo Online”. It had the subject line “Verification Required” and aimed to trick recipients into providing their account information by claiming that certain details were missing or incorrect.

Walmart Phishing Email – False Gift Card Offer

In Q2 of 2023 a phishing email campaign impersonating Walmart, a retail company, was detected. The email was sent from the address “info@chatpood[.]info” and had the subject line “Walmart eGift Card Waiting.” The purpose of this fraudulent email was to deceive recipients by offering them a $500 Walmart Gift Card as a token of appreciation for their loyalty.de personal information such as their name and email address, to verify eligibility.

Picture of Globe Newswire

Globe Newswire

GlobeNewswire is one of the world's largest newswire distribution networks, specializing in the delivery of corporate press releases financial disclosures and multimedia content to the media, investment community, individual investors and the general public.

You Might Also Like