(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
Microsoft is the most frequently used brand name by criminals in their attempts to steal individuals’ personal information during July, August and September, according to a report by cybersecurity firm Check Point Research.
Microsoft accounted for 19% of all brand phishing attempts as threat actors aimed at capitalising on large number of employees working remotely during the Covid-19 pandemic, the report noted.
Other brands with a high percentage of phishing attempts include DHL (9%), Google (9%), Paypal (6%) and Netflix (6%).
In terms of sectors mimicked, technology was the most targeted, followed by banking and social network.
During the quarter ending September, email phishing was the most prominent type of brand phishing platform, accounting for 44% of attacks. The top phishing brands exploited by email phishing attacks were Microsoft, DHL and Apple.
While Web phishing, that ranked first in the previous quarter stood at the second place.
A brand phishing attack is when criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site.
The link to the fake website, which in intended to steal users’ credentials, payment details or other personal information, is then sent to individuals by email or text message.
During mid-August, Check Point researchers noted a malicious phishing email trying to steal credentials of Microsoft accounts by luring victims to click on a malicious link which redirects the user to a fraudulent Microsoft login page.
Similarly, during September, an email which was allegedly sent by Amazon was attempting to steal users’ credit information by directing the user to a fraudulent Amazon billing centre website in which the user was instructed to enter billing information.