Microsoft remains the most-spoofed brand for the second quarter in a row
Malicious use of the tech giant's brand increased by 24% in the last quarter of 2020, according to Check Point
Microsoft ended 2020 as the brand most frequently targeted by cyber criminals, with 43% of all brand phishing attempts related to the tech giant in Q4.
This was a 24% increase from the third quarter of the year, which saw 19% of all attempts linked to the tech giant, according to Check Point research.
The attempts are from criminals looking to steal personal information or payment credentials by impersonating well-known brands that are likely to be used by the employee and their organisation.
The technology industry was the most likely to be targeted by 'brand phishing', according to Check Point, closely followed by retail and shipping. Across October, November and, December, Microsoft was the brand most often imitated by hackers.
"Criminals increased their attempts in Q4 2020 to steal peoples personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success," said Maya Horowitz, director, threat intelligence and research, products at Check Point.
Email security threat report 2020
Four key trends from spear fishing to credentials theftDownload now
"As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to from companies, such as Microsoft or Google, that are most likely to be impersonated."
Shipping firm DHL was the second most-spoofed brand for the end of 2020, as criminals sought to take advantage of the significantly higher number of shoppers placing their orders online. Many of these attacks involved delivery failure notices, asking the target to pay a nominal fee to arrange a new delivery.
Google actually came 7th on the list with only 2% of all brand-related phishing in its name. Amazon ended the year in fourth with 5% while LinkedIn, a Microsoft-owned platform, was third with 6%.
IT Pro has approached Microsoft as the findings will be of huge concern to the tech giant, especially as phishing attempts in its name have doubled over a sixth month period.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Evaluate your order-to-cash process
15 recommended metrics to benchmark your O2C operationsDownload now
AI 360: Hold, fold, or double down?
How AI can benefit your businessDownload now
Getting started with Azure Red Hat OpenShift
A developer’s guide to improving application building and deployment capabilitiesDownload now