Cybercriminals who specialize in phishing attacks often spoof popular companies and products to trick unsuspecting users. By impersonating a well-known brand, the scammers try to convince their victims that their malicious emails and web pages are legitimate. A new report from cyber intelligence firm Check Point Research highlights the most spoofed brands so you’ll know which emails and pages to scrutinize.
Top 10 most-phished brands
Among the top 10 most-phished brands in the fourth quarter of 2024, Microsoft remained in the top spot, appearing in 32% of all attacks seen by Check Point. Apple and Google took second and third place, respectively, each appearing in 12% of the attacks.
LinkedIn was next with 11%, followed by Alibaba with 4%. Rounding out the list were WhatsApp, Amazon, Twitter, and Facebook, each with 2%. In the tenth spot was Adobe, found in 1% of the phishing campaigns.
Also: How to protect yourself from phishing attacks in Chrome and Firefox
As last quarter marked the traditional holiday season, retail brands were also targeted in phishing attacks. Scammers often create fraudulent retail domains with phony sales and fake discounts to try to steal the passwords and sensitive data of innocent visitors.
During the fourth quarter, malicious domains like nike-blazers.fr and adidasyeezy.ro mimicked the legitimate sites of Nike and Adidas. Other retail brands recently exploited included Lululemon, Hugo Boss, Guess, and Ralph Lauren.
In its report, Check Point focused on two especially deceptive phishing campaigns. In one attack, the phishing site impersonated PayPal’s login page to try to capture the credentials and financial data of users. In another, a phony website imitated Facebook’s login page to trick people into sharing their account details. Though both sites are now flagged as deceptive, the phishing threat remains in full force.
How to protect yourself
To protect yourself against phishing attacks, Check Point offers the following advice:
- They said I couldn’t find a high-quality multitool for under $30 – but this one’s a winner
- This Android phone that doubles as a projector will make any tech enthusiast smile
- I compared the viral $50 earplugs with my $300 sleep earbuds – here are the results
- I replaced my $3,500 Sony camera with 200MP Android phone – and it’s spoiled me big time
- I found a portable soundbar that sounds as impressive as speakers twice its price
Also: How scammers are tricking Apple iMessage users into disabling phishing protection
“The persistence of phishing attacks leveraging major brands underscores the critical need for user education and advanced security measures,” Check Point added in its report. “Verifying email sources, avoiding unfamiliar links, and enabling multi-factor authentication (MFA) are vital to protect against these evolving threats.”
Source : https://www.zdnet.com/article/the-top-10-brands-exploited-in-phishing-attacks-and-how-to-protect-yourself/
