Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies Ltd, a provider of an AI-powered, cloud-delivered cybersecurity platform, has released its latest Brand Phishing assessment for the second quarter of 2024. The assessment highlights the brands most often imitated by cybercriminals in their efforts to defraud people and steal personal information or payment details.
For the second quarter of this year, Microsoft remained the most frequently spoofed brand in phishing attacks, accounting for more than half of all attempts at 57%. Apple moved up to second place with 10%, up from fourth place in the first quarter of 2024, while LinkedIn held onto third place with 7% of those attempts. Meanwhile, there were new entries to the list, with Adidas, WhatsApp and Instagram entering the top ten for the first time since 2022.
The Technology sector remained the most frequently spoofed industry in brand phishing attacks, followed by Social Networks and Banking. Tech companies often hold sensitive information such as personal data, financial information and access to other accounts, making them valuable targets for attackers. Companies such as Microsoft, Google and Amazon, which appear on the list, offer basic and frequently used services such as email, cloud storage and e-commerce. This means that users are more likely to respond to messages that appear to come from these critical service providers.
Omer Dembinsky, Data Group Manager at Check Point Software, highlighted the persistent threat of phishing attacks, stating: “Phishing attacks remain one of the most prevalent cyber threats and are often the start of much larger supply chain campaigns. To protect against phishing attacks, users should always verify the sender's email address, avoid clicking on spammy links, and enable multi-factor authentication (MFA) on their accounts. Additionally, both using and keeping security software up-to-date can help detect and repel phishing attempts.”
Top phishing brands
Here are the top 10 brands, ranked by their overall appearance in brand phishing incidents during the second quarter of 2024:
- Microsoft (57%)
- Apple (10%)
- LinkedIn (7%)
- Google (6%)
- Facebook (1.8%)
- Amazon (1.6%)
- DHL (0.9%)
- Adidas (0.8%)
- WhatsApp (0.8%)
- Instagram (0.7%)
Adidas Phishing campaigns
In the last quarter, Check Point Research noticed several phishing campaigns that targeted users by spoofing Adidas brand websites.
For example, the websites adidasyeezys[.]cz (Figure 1) and adidasyeezys[.]it (Figure 2) are designed to trick victims into believing that they are authentic Adidas Yeezy websites by closely mimicking the appearance of the legitimate Adidas website at https://news.adidas.com/yeezy. These fake websites aim to trick users into entering their credentials and personal information, exploiting their similarity to the original website to steal that information. Likewise, the websites adidas-ozweego[.]fr (Figure 3) and adidascampus[.]co[.]at (Figure 4) mimic Adidas' official platform.
Additionally, the adidasoriginalss[.]fr site appears to be inactive for phishing and instead hosts advertisements.
Figure 1: the phishing website adidasyeezys[.]cz
Figure 2: the phishing website adidasyeezys[.]it
Figure 3: the phishing website adidas-ozweego[.]fr
Figure 4: the phishing website adidascampus[.]co[.]at
Instagram Phishing campaigns
In the last quarter, researchers noticed several campaigns using the Instagram brand to commit online fraud. As a result, Instagram rose to 10th place on the list of brands affected by phishing, marking its first appearance there since 2022.
In recent months, CPR has identified phishing campaigns impersonating Instagram to trick users into revealing their login details. One example involves a phishing page hosted on instagram-nine-flame[.]vercel[.]app/login (Figure 1), which mimics Instagram's login form. This page, hosted on Vercel, a platform for building React apps, asks users to enter their usernames and passwords.
Another observed campaign used the domain instagram-verify-account[.]tk (Figure 2). Although currently inactive, it previously displayed a message designed to trick users into entering personal information under the guise of verifying their Instagram accounts. Such tactics aim to exploit trust and trick users into handing over personal information.
Figure 1: the phishing website instagram-nine-flame[.]vercel[.]app/login
Figure 2: the phishing website instagram-verify-account[.]tk
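The Adidas and Instagram sites described above all carry the brand name in a hostname that is not under the brand's own domain. The following triage check is an added example, not code from Check Point's report; the `OFFICIAL` allowlist, the function names and the use of instagram.com as Instagram's legitimate domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: allowlist of each brand's own domains. adidas.com appears on the
# page; instagram.com is assumed here to be Instagram's legitimate domain.
OFFICIAL = {
    "adidas": {"adidas.com"},
    "instagram": {"instagram.com"},
}

def refang(indicator):
    """Undo common defanging ('[.]', '(.)', 'hxxp') so the value can be parsed."""
    s = indicator.strip().lower()
    s = s.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")
    return "http" + s[4:] if s.startswith("hxxp") else s

def hostname(indicator):
    """Hostname of a bare domain or URL, without scheme, port or path."""
    s = refang(indicator)
    parts = urlsplit(s if "://" in s else "//" + s)
    return (parts.hostname or "").rstrip(".")

def classify(indicator):
    """Return (verdict, brand); verdict is 'official', 'lookalike' or 'unrelated'."""
    host = hostname(indicator)
    for brand, domains in OFFICIAL.items():
        # Official only if the host IS the brand domain or a subdomain of it.
        if any(host == d or host.endswith("." + d) for d in domains):
            return ("official", brand)
    flat = host.replace("-", "")  # ignore hyphens used to pad or split the name
    for brand in OFFICIAL:
        if brand in flat:
            return ("lookalike", brand)
    return ("unrelated", None)

if __name__ == "__main__":
    samples = [
        "https://news.adidas.com/yeezy",              # from the page (legitimate)
        "adidasyeezys[.]cz",                          # from the page
        "adidascampus[.]co[.]at",                     # from the page
        "instagram-nine-flame[.]vercel[.]app/login",  # from the page
        "adidas.com.login.example",                   # constructed sample
    ]
    for s in samples:
        print(classify(s), s)
```

A "lookalike" verdict is a lead for review rather than proof of phishing, since resellers and fan sites also use brand names in their hostnames.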