Do you still rely on Microsoft for the protection of your personal data? Well, you might just need to be extra alert these data as according to the latest Brand Phishing Report for Q1 2021 by Check Point, Microsoft has been the hot favorite of cybercriminals.
For those of you who are not familiar with the report, it highlights the brands that are frequently imitated by criminals every quarter for the sake of stealing personal information of individuals like payment credentials, passwords, etc.
Hence, the result has once again presented Microsoft on top with thirty-nine percent of phishing attempts being related to the technology giant. However, these numbers are slightly less than 43% in Q4 - in which Microsoft again stood on top.
Photo: Carlo Allegri / reuters
DHL stood as the second most impersonated brand with 18% of all phishing attempts being targeted at it.
The reasons behind both the brands remaining on top are obvious. Microsoft is being targeted more because bad actors know how the world is more dependent on working from home, for as long as the pandemic lasts, and in the similar way, they are also attacking shoppers via DHL since online shopping, for now, is the safest option.
The report also highlighted that the technology industry will remain to be the most impacted by brand phishing, with shipping also bearing the burden of being a red target. But the most surprising entry has been made by the banking sector which is now included in the top three industries this quarter to be affected by the scams - all thanks to Fargo and Chase who are also in the top ten list of brands pointed as favorites of phishing scammers. Hence, that also means your digital payments are no longer space and neither too much dependency on online banking, shopping and home deliveries are good for you.
The brand phishing attack usually takes place by criminals trying to copy the official website of a brand that people love and trust. The hackers use a similar domain name or URL and even web-page design to make sure that the targeted user gets deceived completely.
Users receive the link to the fake website via email or text message, and sometimes you are also asked to install a fraudulent mobile application. The link of the fake website often leads you to a form that asks for information like credentials, payment details, or other personal information to steal the user.
Through the warning, the attacker wanted to convince the user to click on a malicious link, that redirected to a fraudulent malicious page with the look and feel of a real Wells Fargo website. Upon opening the web page, users were asked to put in their username and their password.
If you want to protect yourself from the online scams, the trick is simple and that is to think twice before you click on the email attachments or links that come in such emails - especially from companies like Microsoft or DHL.
Read next: These new Billing Fraud Apps on Google Play Store were downloaded by over 750K Android users
For those of you who are not familiar with the report, it highlights the brands that are frequently imitated by criminals every quarter for the sake of stealing personal information of individuals like payment credentials, passwords, etc.
Hence, the result has once again presented Microsoft on top with thirty-nine percent of phishing attempts being related to the technology giant. However, these numbers are slightly less than 43% in Q4 - in which Microsoft again stood on top.
Photo: Carlo Allegri / reuters
DHL stood as the second most impersonated brand with 18% of all phishing attempts being targeted at it.
The reasons behind both the brands remaining on top are obvious. Microsoft is being targeted more because bad actors know how the world is more dependent on working from home, for as long as the pandemic lasts, and in the similar way, they are also attacking shoppers via DHL since online shopping, for now, is the safest option.
The report also highlighted that the technology industry will remain to be the most impacted by brand phishing, with shipping also bearing the burden of being a red target. But the most surprising entry has been made by the banking sector which is now included in the top three industries this quarter to be affected by the scams - all thanks to Fargo and Chase who are also in the top ten list of brands pointed as favorites of phishing scammers. Hence, that also means your digital payments are no longer space and neither too much dependency on online banking, shopping and home deliveries are good for you.
The brand phishing attack usually takes place by criminals trying to copy the official website of a brand that people love and trust. The hackers use a similar domain name or URL and even web-page design to make sure that the targeted user gets deceived completely.
Users receive the link to the fake website via email or text message, and sometimes you are also asked to install a fraudulent mobile application. The link of the fake website often leads you to a form that asks for information like credentials, payment details, or other personal information to steal the user.
Top Phishing Scam Brands 2021
Here is the list of brands as ranked by brand phishing attempts:10. Dropbox (2%)
9. Apple (2%)
8. LinkedIn (2%)
7. Chase (2%)
6. Wells Fargo (4%)
5. Amazon (5%)
4. Roblox (6%)
3. Google (9%)
2. DHL (18%)
1. Microsoft (39% of brand phishing attempts that took place worldwide)
Recent Examples of Phishing Email Scams
DHL
In the first quarter of 2021, scammers targeted DHL’s branding in an attempt to download the Agent Tesla RAT (Remote Access Trojan) to the particular users’ machines. The email that was sent to the users appeared as if it was sent from support@dhl.com. It even had the “DHL Import Clearance – Consignment : <number>” to make it more legitimate. The email had a link to an archive file “DHL-IVN.87463.rar” and users were directed to download this malicious executable file which was resulting in the systems being infected with Agent Tesla.Wells Fargo
Hackers also tried to steal the account information of Well Fargo’s users. The emails were sent from a spoofed email address noreply@cc.wellsfargo.com with the subject “Your Online access has been disabled”.Through the warning, the attacker wanted to convince the user to click on a malicious link, that redirected to a fraudulent malicious page with the look and feel of a real Wells Fargo website. Upon opening the web page, users were asked to put in their username and their password.
If you want to protect yourself from the online scams, the trick is simple and that is to think twice before you click on the email attachments or links that come in such emails - especially from companies like Microsoft or DHL.
Read next: These new Billing Fraud Apps on Google Play Store were downloaded by over 750K Android users