The irresistible lure of baiting bargain-hungry e-shoppers also caused cybercriminals to target one other logistics and delivery giant

Can you guess which was the most impersonated brand used in phishing campaigns during Q4 2021?

If you picked Microsoft, you would be wrong, because this hot favorite has been ousted by DHL, according to a brand-phishing report on one cybersecurity vendor’s platform.

The Q4 2021 report by Check Point Research (CPR) cited the following data in its user ecosystem:

  • 23% of all brand phishing attempts were related to the global logistics and shipping company, up from just 9% in Q3, as threat actors sought to take advantage of vulnerable online consumers during the busiest retail period of the year.
  • Microsoft, which was the Q3 leader accounting for 29% of all phishing attempts, chalked up only 20% of phishing scams in Q4.
  • FedEx appeared in the top 10 list for the first time in Q4 2021, for perhaps the same reason that pushed its competitor up the chart.
  • An emerging Q3 trend continued in Q4: social media was solidifying its position among the top three sectors imitated in phishing attempts. While Facebook dropped out of the top 10, WhatsApp moved from 6th position to 3rd; LinkedIn moved from 8th position to 5th
  • Top phishing brands in Q4 2021

    Below are the top brands ranked by their overall appearance in brand phishing attempts:

    • ○ DHL (related to 23% of all phishing attacks globally)
    • ○ Microsoft (20%)
    • WhatsApp (11%)
    • ○ Google (10%)
    • ○ LinkedIn (8%)
    • ○ Amazon (4%)
    • ○ FedEx (3%)
    • ○ Roblox (3%)
    • ○ Paypal (2%)
    • ○ Apple (2%)

According to Omer Dembinsky, Data Research Group Manager, Check Point Software: “Unfortunately, there’s only so much brands like DHL, Microsoft and WhatsApp can do to combat phishing attempts. It’s all too easy for the human element to overlook things like misspelt domains, typos, incorrect dates or other suspicious details, and that’s what opens the door to further damage. We’d urge all users to be very mindful of these details when dealing with the likes of DHL in the coming months.”

Meanwhile social media phishing is expected to continue to be heavily targeted by bad actors looking to take advantage of those leaning more heavily on channels like WhatsApp, Facebook and LinkedIn as a result of remote working and other fallouts from the pandemic.