LinkedIn the most imitated brand in phishing attempts – Microsoft second

Check Point Research (CPR), the Threat Intelligence division of Check Point Software Technologies Ltd, a global cyber security solutions provider, has published its Brand Phishing Report for the second quarter of 2022.

The report highlights the brands that cybercriminals most often impersonated in their attempts to steal people's personal information or payment credentials during the quarter.

Social networking platform LinkedIn remained at the top of the ranking as the most imitated brand, after entering the list for the first time in the first quarter of 2022.

Although its share has decreased slightly, from 52% in the first quarter to 45% of all phishing attempts in the second quarter, it is still a worrying trend that highlights the ongoing risks faced by users of the trusted social media platform.

Social networks are still generally the most imitated category, followed by technology, which, this quarter, was second only to shipping.

The most striking increase among exploited technology names was Microsoft, which accounted for 13% of all phishing attempts, more than double the previous quarter, while DHL came in third with 12%. Some new brands to enter the top ten were Adidas, Adobe and HSBC, and although they are all in the low single digits, they will be closely watched by researchers in the third quarter for any developments.

The rise in Microsoft-related fraud is a risk to both individuals and organizations. Once someone gets their hands on your account credentials, they have access to all the apps behind it, like Teams and SharePoint, as well as the obvious risk of your email account being compromised. The report points to a specific example of an Outlook phishing email that lures users to a fraudulent Outlook web page with the subject: “[Action Required] Final Reminder – Verify your OWA Account now,” asking the victim to enter their login details.

LinkedIn-based phishing campaigns mimicked the communication style of the professional social networking platform with malicious emails that used subject lines such as: “You appeared in 8 searches this week” or “You have a new message” or “I'd like to work with you via LinkedIn”. Although they appeared to be from LinkedIn, they were using an email address that was completely different from the social networking platform's.

Meanwhile, with the relentless trend towards online shopping, it is no surprise that in the second quarter of the year DHL was spoofed in 12% of all phishing attacks. The report specifically refers to a phishing scam related to a shipment, with the subject “Incoming Shipment Notification”, which aimed to lure the consumer into clicking on a malicious link.

"Phishing emails are an important tool in any hacker's arsenal, as they grow rapidly and can target millions of users at relatively low cost," said Omer Dembinsky, Data Research Group Manager at Check Point Software. “They give cybercriminals the opportunity to exploit the reputation of trusted brands to give users a false sense of security, which can be exploited to steal personal or business information for financial gain.

“Criminals will use any brand with sufficient reach and consumer trust. Therefore, we see hackers expanding their operations and brands such as Adidas, Adobe and HSBC making their first appearance in the top 10. Hackers are trading on our trust in these brands. There's a reason they keep using brand-based phishing. It works. For this reason, consumers should act with caution and check for those signs of fake email, such as bad grammar, spelling mistakes or strange domain names that can reveal the scam. If in doubt, head to the brand's official website instead of clicking on any links."

Such a phishing attack not only exploits our implicit trust in a familiar brand, either by adopting its image or, often, by using a similar URL, but also plays on human emotions, such as the fear of missing out on a significant discount. The sense of urgency this creates leads consumers to click hastily without first checking whether the email really comes from the brand in question. This can lead them to accidentally download or hand over valuable personal information that can give criminals access to their entire online world, with possible financial loss.

Top phishing brands for Q2 2022

Here are the top brands ranked by their overall share of brand phishing attempts:

  1. LinkedIn (45%)
  2. Microsoft (13%)
  3. DHL (12%)
  4. Amazon (9%)
  5. Apple (3%)
  6. Adidas (2%)
  7. Google (1%)
  8. Netflix (1%)
  9. Adobe (1%)
  10. HSBC (1%)

LinkedIn - Account theft example

During the second quarter of 2022, we observed a malicious phishing email that used the LinkedIn brand. The phishing email was sent from a webmail address and spoofed to appear to be from “LinkedIn Security (mlayanac@armada.mil[.]ec)”. The email had the subject “LinkedIn Notice!!!”, and the content (see Figure 1) tries to lure the victim into clicking on a malicious link under the guise of updating the version of their LinkedIn account. This click leads to the link “https://lin882[.]webnode[.]page/”, where the victim is then asked to enter their LinkedIn account details (see Figure 2).

DHL Phishing Email – Example of account theft

During the second quarter of 2022, we observed a malicious phishing email using the DHL brand name. The phishing email was sent from a webmail address and spoofed to appear to be from “DHL EXPRESS (track@harbormfreight[.]com)”. The email contained the subject line “Incoming Shipment Notification” and its content (see Figure 1) tries to convince the victim to click on a malicious link that takes them to the address “https://delicate-sea-3417.on.fleek[.]co”.

The victim is then asked to enter their username and password.

Outlook Phishing Email – Example of account theft

In this phishing email, we see an attempt to steal a user's Outlook account information. The email (see Figure 1), sent from the email address “Outlook OWA (mike@vokertech.com)”, contained the subject line “[Action Required] Final Reminder – Verify Your OWA Account Now”. The attacker was trying to trick the victim into clicking on a malicious link, which redirected the user to a fraudulent Outlook web application login page (see Figure 2).

In the malicious link (jfbfstxegfghaccl-dot-githu-dir-aceui-xoweu[.]ue[.]r[.]appspot[.]com), the user had to enter their username and password.

Amazon Phishing Email – Example of billing information theft

In this phishing email, we see an attempt to steal a user's billing information. The email (see Figure 1), which was sent from the email address “Amazon (fcarvache@puertoesmeraldas[.]gob[.]ec)”, contained the subject line “Your amazon account verification”.

The email title and content are an attempt by the attacker to lure the victim into clicking on a malicious link “https://main.d1eoejahlrcxb.amplifyapp[.]com”, which redirects the user to a fraudulent page that prompts for billing information (see Figure 2).
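
The four examples above share one detectable trait: a brand name in the From display name paired with an unrelated sender domain. A check for that mismatch follows as an added example, not taken from the report. The brand-to-domain allowlist and the last two headers are assumptions constructed for illustration; the other headers are assembled from the display names and addresses quoted above.

```python
import re
from email.utils import parseaddr

# Assumed allowlist of legitimate sending domains per brand (illustrative,
# not from the report); maintain the real list from your own mail telemetry.
BRAND_DOMAINS = {
    "linkedin": {"linkedin.com"},
    "dhl": {"dhl.com"},
    "outlook": {"outlook.com", "microsoft.com"},
    "amazon": {"amazon.com"},
}

def sender_domain(from_header):
    """Return (display_name, domain) from a From header; '[.]' is refanged."""
    name, addr = parseaddr(from_header.replace("[.]", "."))
    return name, addr.rpartition("@")[2].lower()

def is_allowed(domain, allowed):
    # Exact match or true subdomain only, so 'amazon.com.example.net' fails.
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def brand_mismatches(from_header):
    """List (brand, domain) pairs where the display name claims a brand
    but the address is outside that brand's allowlisted domains."""
    name, domain = sender_domain(from_header)
    words = set(re.findall(r"[a-z0-9]+", name.lower()))
    return [(brand, domain) for brand, allowed in BRAND_DOMAINS.items()
            if brand in words and not is_allowed(domain, allowed)]

# Headers built from the senders quoted in the report, plus two constructed ones.
SAMPLES = [
    '"LinkedIn Security" <mlayanac@armada.mil[.]ec>',
    '"DHL EXPRESS" <track@harbormfreight[.]com>',
    '"Outlook OWA" <mike@vokertech.com>',
    '"Amazon" <fcarvache@puertoesmeraldas[.]gob[.]ec>',
    '"LinkedIn" <notifications@linkedin.com>',          # constructed, benign
    '"Amazon Support" <help@amazon.com.example.net>',   # constructed lookalike
]

if __name__ == "__main__":
    for header in SAMPLES:
        hits = brand_mismatches(header)
        print("SUSPICIOUS" if hits else "ok", header, hits)
```

A display-name check like this does not catch mail that forges the brand's real domain; SPF, DKIM and DMARC results cover that case.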


Written by newsbot
