Data from one cybersecurity firm’s customer base for Q1 may be signaling this trend.
Phishing attacks and campaigns often use well-known brands and identities to rope in more eyeballs and victims. Such ‘brand phishing’ involve running copies of official websites off a similar domain name or URL. The fake website then ambushes visitors with forms crafted to steal users’ credentials, payment details or other personal information.
For the first quarter of this year, one cybersecurity firm’s customer ecosystem has yielded 10 brands frequently used by phishing sites.
Ranked by their overall appearance in brand phishing attempts, they are:
- LinkedIn (52% of all phishing attacks detected in the global customer base)
- DHL (14%) [formerly in 1st position)
- Google (7%)
- Microsoft (6%)
- FedEx (6%) [7th place previously]
- WhatsApp (4%)
- Amazon (2%)
- Maersk (1%) [first appearance ever in the Top 10 list]
- AliExpress (0.8%) [first appearance ever in the Top 10 list]
- Apple (0.8%)
Other data in the Check Point Software ecosystem pointed to an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants.
Social media network LinkedIn reached the top of the list for the first time ever in the firm’s customer base, and represented a 44% uplift from its previous fifth position (comprising 8% of phishing attempts).
According to Check Point’s Data Research Group Manager Omer Dembinsky: “If there was ever any doubt that social media would become one of (our) most heavily targeted sectors by criminal groups, Q1 has laid them to rest. While Facebook had dropped out of rankings, LinkedIn has soared to number one. Its users should be extra vigilant over the course of the next few months, and (be vigilant to) suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that can expose a malicious email or text message.”