Lucky Bait, Microsoft still phishers favorite

Last updated: 2020/10/19 at 4:53 PM

Jim Koohyar Biniyaz Published October 19, 2020

According to Check Point, Microsoft is top dog when it comes to phishing lures, with its products and services featuring in nearly 20% of all global brand phishing attacks in the third quarter of this year.

As the Israeli firm explained in a blog post “In Q3, Microsoft was the most frequently targeted brand by cybercriminals, soaring from fifth place (relating to 7% of all brand phishing attempted globally in Q2 of 2020) to the top of the ranking. 19% of all brand phishing attempts related to the technology giant, as threat actors sought to capitalize on large numbers of employees still working remotely during the Covid-19 pandemic. For the first time in 2020, DHL entered the top 10 rankings, taking the second spot with 9% of all phishing attempts related to the company.”

Here’s the full top 10 according to Check Point:

Microsoft (19%)
DHL (9%)
Google (9%)
PayPal (6%)
Netflix (6%)
Facebook (5%)
Apple (5%)
Whatsapp (5%)
Amazon (4%)
Instagram (4%)

They also explained that the most likely industry to be targeted by brand phishing was technology, followed by banking and then social network.

This illustrates a broad spread of some of the best-known and most used consumer sectors, particularly during the coronavirus pandemic, whereby individuals are grappling with remote working technology, potential changes to finances, and an increased use of social media.

Email still the king

Some things did stay the same, with email and web still top of the pile with the first responsible of 44% of phishing messages delivered and the second following closely: “During Q3 2020, email phishing was the most prominent type of brand phishing platform, accounting for 44% of attacks, closely followed by web phishing, which was the second most attacked platform compared to Q2, where it ranked first. The top phishing brands exploited by email phishing attacks were Microsoft, DHL and Apple, in that order”.