Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023

The latest Brand Phishing Report from Check Point Research sees Microsoft as the number one impersonated brand by cybercriminals with the technology sector dominating the top ten.
Our latest Brand Phishing Report for Q4 2023 highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals' personal information or payment credentials during October, November and December 2023.
Last quarter, Microsoft claimed the top spot as the number one most impersonated brand, accounting for 33% of all brand phishing attempts.
The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%. Social networks and banking represented the other two most targeted industries.
Consumer spending associated with the festive period saw cybercriminals continue to target retailers and couriers in Q4 2023.
The widely recognized package delivery brand DHL moved into the top ten, possibly due to increased activity during the November shopping month, while Amazon's ranking can largely be attributed to the annual Amazon Fall Prime Day sale that was scheduled during the second week of October.
While we have said goodbye to 2023, one thing has followed us into the new year and that is the threat of phishing.
Even cybercriminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks.
Following the widespread use of AI, we can expect to see a higher volume of phishing campaigns this year that are even more indistinguishable from genuine company communications.
As the biggest names in technology, social networking and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand.
This deceptive email, posing as the Microsoft account team, claimed to require email address verification and urged recipients to click a verification link.
The email requested recipients to verify their email address and may potentially lead to fraudulent activities.
The email urged recipients to address the storage issue by clicking inactive link, potentially leading to fraudulent activities.


This Cyber News was published on blog.checkpoint.com. Publication date: Wed, 10 Jan 2024 13:43:05 +0000


Cyber News related to Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023

Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023 - The latest Brand Phishing Report from Check Point Research sees Microsoft as the number one impersonated brand by cybercriminals with the technology sector dominating the top ten. Our latest Brand Phishing Report for Q4 2023 highlights the brands ...
9 months ago Blog.checkpoint.com
an Evolution in Brand Spoofing Prevention - This technology uses advanced technologies, such as AI, Natural Language Processing, image processing, and heuristics, to detect and prevent attempts of brand impersonation by matching URLs and web pages with established brands. Our new DeepBrand ...
4 months ago Blog.checkpoint.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
9 months ago Techrepublic.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
8 months ago Darkreading.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
9 months ago Gbhackers.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
9 months ago Helpnetsecurity.com
5 Free Online Brand Protection Software Tools: Pros and Cons - Free or open-source software does exist that can help organizations look for and investigate deceptive websites spoofing their brand. On the other hand, few free tools exist that allow one to take action against online brand impersonation attacks. To ...
9 months ago Securityboulevard.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
11 months ago Microsoft.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
7 months ago Cyberdefensemagazine.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
5 months ago Hackread.com
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security - Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership. ...
8 months ago Darkreading.com
Ransomware Attacks in November Rise 67% From 2022 - Global levels of ransomware attacks rose 30% in November, with a total of 442 attacks, following a lower volume of attacks in October according to NCC Group's November Threat Pulse. As the third most active month of the year, ransomware levels in ...
10 months ago Darkreading.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
10 months ago Netcraft.com
CVE-2015-2165 - Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) ...
5 years ago
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
5 months ago Hackread.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
9 months ago Blog.checkpoint.com
Splunk: AI isn't making spear phishing more effective - Despite increased concerns, AI tools won't give adversaries an advantage when it comes to sending effective phishing emails, according to new research by Splunk's Surge security research team. In a blog post Thursday, Tamara Chacon, security ...
10 months ago Techtarget.com
Police takes down BulletProftLink large-scale phishing provider - The notorious BulletProftLink phishing-as-a-service platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. The operation started in 2015 but came to researchers' radar later and became more ...
11 months ago Bleepingcomputer.com
5 Common Phishing Vectors and Examples - Phishing attacks can be executed through various means, such as SMS and phone calls, but the most prevalent method involves sending victims emails containing malicious attachments. Let's take a closer look at these types and examine examples of ...
5 months ago Cybersecuritynews.com
Don't phish for deals this holiday season - This season is also a prime opportunity for attackers seeking to capitalize on unsuspecting individuals, employing identity-based cyberattacks such as phishing to compromise users' credentials and take control of their accounts. While education on ...
10 months ago Securityboulevard.com
Cybersecurity Awareness Month: Microsoft resources for security teams | Microsoft Security Blog - Help educate everyone in your organization with cybersecurity awareness resources and training curated by the security experts at Microsoft. The report found that 10.4% of phishing simulation participants clicked the email phishing link they were ...
1 month ago Microsoft.com
Financially motivated threat actors misusing App Installer - Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme to distribute malware. In ...
10 months ago Microsoft.com
Secure email gateways struggle to keep pace with sophisticated phishing campaigns - In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers' SEGs, signaling a 37% increase in ...
8 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)