Microsoft remains most imitated brand in phishing attacks

• Technology sector remains most impersonated industry in brand phishing, followed by social networks and banking sector.

Microsoft remained the most imitated brand in phishing attacks, accounting for more than half of all attempts with 57 per cent, for the second quarter of 2024.

Apple jumped to second spot with 10 per cent, moving up from fourth position in the first quarter of 2024, and LinkedIn kept its previous third place ranking with seven per cent of such attempts, according to Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies Ltd.

New entries to the list include Adidas, WhatsApp and Instagram moving into the top 10 for the first time since 2022.

In the last quarter, researchers observed numerous campaigns utilising the Instagram brand to perpetrate online scams. As a result, Instagram has risen to the 10th position on the list of top brands impacted by phishing, marking its first appearance there since 2022.

In recent months, CPR identified phishing campaigns impersonating Instagram to deceive users into divulging their login credentials. One instance involves a phishing page hosted at instagram-nine-flame.vercel.app/login, which mimics Instagram’s login interface.

This page, hosted on Vercel, a platform for creating React applications, prompts users to enter their usernames and passwords.

Another observed campaign utilised the domain instagram-verify-account.tk.

Although currently inactive, it previously displayed a message designed to trick users into entering personal information under the guise of verifying their Instagram accounts. Such tactics aim to exploit trust and deceive users into compromising their credentials.

Avoid clicking on unsolicited links

“Phishing attacks remain one of the most pervasive cyber threats and are often the entry point for much larger scale campaigns a supply chain. To protect against phishing attacks, users should always verify the sender’s email address, avoid clicking on unsolicited links, and enable multi-factor authentication (MFA) on their accounts,” Omer Dembinsky, Data Group Manager at Check Point Software, said.

Moreover, he said that the technology sector remained the most impersonated industry in brand phishing, followed by social networks and banking sector.

As technology companies often hold sensitive information, including personal data, financial information and access to other accounts, the sector has been a valuable target for cyber criminals.

Companies such as Microsoft, Google and Amazon deliver essential and frequently used services such as email, cloud storage, and online shopping, which means that people are more likely to respond to messages that appear to be from these critical service providers.

Last quarter, Check Point Research observed several phishing campaigns targeting users by impersonating Adidas brand websites.

For eample, adidasyeezys.cz and adidasyeezys.it are designed to deceive victims into believing they are authentic Adidas Yeezy sites, closely mimicking the appearance of the legitimate Adidas site at https://news.adidas.com/yeezy. 

These fraudulent sites aim to lure users into entering their credentials and personal information, exploiting their resemblance to the original site to successfully steal information. Similarly, adidas-ozweego.fr and adidascampus.co.at mimic the official Adidas platform.

Furthermore, adidasoriginalss.fr currently appears inactive for phishing and instead hosts advertisements.