SecurityBrief New Zealand logo
Story image

Microsoft, Facebook and PayPal most impersonated brands during phishing attacks

Microsoft, Facebook and PayPal are amongst the most impersonated brands during phishing attacks in 2020, according to a new report from Vade Secure.

Its annual Phishers' Favorites report for 2020 reveals that Microsoft has maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.

During the year of lockdown and remote working, cloud services overtook financial services to become the most impersonated industry, whilst cynical hackers exploited the Covid-19 pandemic and issued large numbers of fake emails promising false cures or non-existent personal protective equipment.

Vade Secure protects more than one billion mailboxes around the world, allowing it to gain an unprecedented insight into the threats facing businesses. Its filter engine detects and analyses tens of thousands of unique phishing URLs every quarter. These phishing URLs refer to the number of URLs and not the volume of phishing emails received, because hackers will often send hundreds or thousands of phishing emails containing the same URL.

“Organisations need to be aware that phishers and other threat actors are always looking out for new ways to target them," says Adrien Gendre, chief product and services officer at Vade Secure.

“Phishing is just one tactic used by hackers and the ever-changing popularity of well-known brands shows how cybercriminals’ tactics are constantly evolving.

“The Phishers’ Favorites report highlights the importance of a proactive and comprehensive email security posture. Businesses should protect themselves and their clients from dynamic phishing attacks with a combination of training, technology, and vigilance.”

Key findings:

Microsoft is still the phishers’ favorite

Microsoft 365’s user base grew to 258 million in 2020, experiencing higher than expected growth driven by the Covid-19 pandemic. Microsoft has consistently remained at the top of Vade Secure’s Phishers’ Favorites quarterly reports, holding the #1 spot for four quarters.

The rise of Facebook and WhatsApp

Interest in Facebook has been on the rise since 2018 when Vade Secure first started tracking unique Facebook URLs. Q2 saw the biggest surge for Facebook phishing in 2020, with 4,373 unique URLs detected, for a total of 14,876 for the year.

WhatsApp made its first appearance on the Phishers’ Favorites list in Q1 2019, with a small number of phishing URLs. This changed drastically in Q4 2019, when Vade Secure detected 5,029 unique WhatsApp phishing URLs for the quarter. A spike in the number of WhatsApp spoof emails coincided with the pandemic, when social media brands became more popular among phishers.

Cloud services becomes most impersonated industry

In an abrupt change in Q2, and as businesses shifted to remote working, cloud services overtook financial services as the most impersonated industry. Microsoft, Netflix, Adobe, Apple, and Dropbox represented the most impersonated cloud services companies in the top 20. Both Google and Adobe saw growth in phishing URLs, moving up two and three spots respectively.

E-commerce phishing boom

In another major shift from 2019, e-commerce overtook social media as the third most impersonated industry. Like cloud services, e-commerce reached new heights in 2020 as shoppers went online in far greater numbers. eBay, for instance, didn’t make the top 20 list in 2019, but jumped 28 spots to #5 in 2020. 

Email security pandemic

When Covid-19 forced businesses to shift to teleworking, cybercriminals unleashed a massive wave of pandemic-themed phishing and spam emails. Capitalising on users’ fears and anxieties, hackers sent fake emails offering facemasks and PPE as well as phishing messages that impersonated the NHS and World Health Organization.

Story image
Fortinet: Reduce risk with consistent security
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains how consistent security can reduce risk whilst streamlining NOC/SOC operations and minimising costs.More
Story image
Quest Software launches solutions for operations, protection and governance
"We are excited about this new strategic direction and believe it will deliver strong value for our global customers as they further their data-centric transformation projects."More
Story image
CrowdStrike launches integrations to advance NDR for enterprise
"This integration with NDR partners provides mutual customers a comprehensive, holistic cybersecurity solution with enhanced visibility, streamlined detection and response and frictionless automation."More
Story image
COVID-19 has changed the way companies handle data security
According to data classification company Titus, the rise in remote working under COVID-19 has delivered far-reaching changes in how we do business, with significant implications for CISOs, compliance, and data governance officers. More
Story image
New research by Netacea into digital fingerprint and identity thief
Bot detection and mitigation company Netacea has published new research into the Genesis Market, an invite-only deep web marketplace that trades in digital fingerprints and enables buyers to impersonate victims online.More
Story image
New research reveals customer behaviour around fraud risks
"Timeliness is key, you must get the alert in front of people at the exact moment they are at risk of fraud. Without this, banks will continue to spend huge amounts of money on fraud prevention messaging that will never have an impact."More