10-19-2020, 07:24 PM
The shift to remote working spurred Microsoft and Amazon to the top of the heap for cybercriminals to use as lures in the third quarter.
Microsoft is top of the heap when it comes to hacker impersonations – with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year.
That’s according to Check Point, which found that the computing giant leapt from fifth place in the second quarter (accounting for 7 percent of attacks) to first place for the quarter ended in September, as phishers continue to capitalize on remote workforces created by the coronavirus pandemic.
Behind Microsoft (related to 19 percent of all phishing attempts globally) were: shipping company DHL (9 percent); Google (9 percent); PayPal (6 percent); Netflix (6 percent); Facebook (5 percent); Apple (5 percent); WhatsApp (5 percent); Amazon (4 percent); and Instagram (4 percent).
“For the first time in 2020, DHL entered the top 10 rankings,” according to the report, issued Monday.
The firm’s analysis also found that 44 percent of all phishing attacks were delivered by email, followed by web (43 percent) and mobile (12 percent). The top three phishing brands exploited by email phishing attacks were Microsoft, DHL and Apple; on the web, it was Microsoft, Google and PayPal; and for mobile, WhatsApp, PayPal and Facebook took the top spots.
“Remote workers are a focal point for hackers,” said Omer Dembinsky, manager of data threat intelligence at Check Point, in a statement. “Companies globally have their employees working remotely because of the coronavirus pandemic, possibly for the first time ever. There are currently billions of people now working remotely, many of them doing so for the first time in their lives. The sudden change has left many companies and remote workers unprepared to handle the latest cyberattacks. Hackers, sensing big opportunity, are imitating the brand most known for work: Microsoft.”
In terms of top phishing efforts, during mid-August, Check Point researchers witnessed a malicious phishing email trying to steal credentials of Microsoft accounts. The attacker was trying to lure the victim to click on a malicious link which redirected the user to a fraudulent Microsoft login page.
Also of note, during September, Check Point researchers noticed a malicious phishing email which was allegedly sent by Amazon and was trying to steal user’s credit information. The email said that the user’s account was disabled due to too many login failures and pointed the user to a fraudulent Amazon billing center website in which the user is instructed to enter billing information. During the coronavirus pandemic, Amazon has seen explosive growth, as many rely on the e-commerce giant for goods throughout quarantined periods. Accordingly, hackers have made efforts to exploit Amazon’s popularity during the coronavirus pandemic.
He added, “I expect Microsoft imitations to continue as we turn the new year. I encourage remote workers to be extra cautious when receiving an email. If you get an email about your ‘Microsoft’ account, I would have my guard up.”
Source
Code:
https://threatpost.com/microsoft-most-imitated-phishing/160255/