According to the latest report Brand Phishing Report of Check Point ResearchThe Microsoft is the number one brand impersonated by cybercriminals, while the technology sector dominates the top ten.
Check Point Research (CPR), the Threat Intelligence division of Check Point® Software Technologies Ltd., a solution provider better safetys in cyberspace worldwide, published the report Brand Phishing Report for the fourth quarter of 2023. The report highlights the brands most frequently imitated by cybercriminals in their attempts to steal personal information or financial credentials during October, November and December 2023.
In the previous quarter, Microsoft ranked first as the number one imitated brand, accounting for 33% of all attempts Phishing through trademarks. The technology sector stood out as the most targeted sector overall, with Amazon to secure the second place with 9% and the Google to be in third place with 8%. Social networks and banks represented the other two industries most targeted.
Consumer spending related to the holiday season gave cybercriminals reason to continue targeting retail and couriers in Q4 2023.
The widely known company distribution DHL moved into the top ten, possibly due to increased buying activity during the month of November, while its ranking Amazon can be largely attributed to the annual autumn sale Amazon Prime Day which was scheduled in the second week of October.
"While we said goodbye to 2023, one thing followed us into the new year and that is the threat of Phishing. Even cybercriminals with limited IT expertise can accurately mimic legitimate tokens to defraud unsuspecting customers and carry out social engineering attacks,” said Omer Dembinsky, Data Group Managers in Check Point Software.
“With the widespread use of artificial intelligence, we can expect to see a higher volume of campaigns this year Phishing which will be even more difficult to distinguish from real corporate communications. As the biggest names in tech, social media and banking continue to fall victim to impersonation, end users need to be extra careful when engaging with emails that are supposedly from trusted brands.”
Top Phishing brands
Here are the top 10 brands ranked by their overall appearance in phishing incidents during the fourth quarter of 2023:
- Microsoft (33%)
- Amazon (9%)
- Google (8%)
- Apple (4%)
- Wells Fargo (3%)
- LinkedIn (3%)
- Home Depot (3%)
- Facebook (3%)
- Netflix (2%)
- DHL (2%)
Microsoft Phishing Email – Email verification scam
This deceptive email, posing as her account group Microsoft, claimed to require email address verification and prompted recipients to click a verification link. With Title "Microsoft: Verify your Email address” aimed to create a sense of urgency. The link Phishing of the message was:
"cloudflare-ipfs[.]com/ipfs/bafybeigjhhhd64vhna67panxz6myhaelya6vphjbic65law5hmm4mmgpum".
This link is not affiliated with Microsoft. The email message asked recipients to verify their email address and could potentially lead to fraudulent activities.
Apple Lossless Audio CODEC (ALAC), Phishing Email – Storage limit warning scam
This deceptive email purportedly from Apple Lossless Audio CODEC (ALAC),, was leaving the address "blake@borderpfoten[.]de" and claimed to be about notifying recipients of nearly full storage space at Apple Lossless Audio CODEC (ALAC), their account. With Title "{Victim's name} Your Storage on Apple Lossless Audio CODEC (ALAC), It's Almost Completel!! » (Prototype: Din Apple Lagring er Næsten Fuld!!) add a personalized touch to create a sense of urgency. The email contained the malicious link: “ktraks[.]futurewatt.com/ga/click/”, which is currently inactive. This link is not affiliated with Apple Lossless Audio CODEC (ALAC),. The email prompted recipients to troubleshoot the storage issue by clicking on the inactive link, which could potentially lead to fraudulent activity.
