New Report Shows the Brands Most Impersonated by Phishers

The new Vade Secure report revealed the top 25 frequently impersonated brand names in phishing attacks. The Q4 of 2019 Phishers’ Favorite report confirmed that PayPal continues to be the most often impersonated brand in phishing attacks, having 11,392 recognized phishing URLs in Q4. For two consecutive quarters, PayPal is number one on the list. Detection of PayPal phishing URLs increased 23% year-over-year and the rate of detecting new PayPal phishing URLs is 124 per day.

There was an increase in detecting phishing URLs imitating Facebook. The social media giant jumped to second while Microsoft is 3rd and Netflix is 4th. Facebook phishing URL detections went up by 358.8% in Q4 of 2018.

Though Microsoft is in third place overall, it is the most often impersonated brand in company phishing attacks. Microsoft currently has more than 200 million active Office 365 business users who are targeted by hackers to obtain their Office 365 credentials. Office 365 accounts may consist of loads of sensitive information and may be used to carry out spear-phishing attacks on partners and other staff within the organization.

A very visible change in Q4 was a substantial increase in phishing URLs impersonating WhatsApp, which made the Microsoft-operated instant messaging service to jump to position 5. The 5,020 detected phishing URLs in Q4 represent a 13,467.6% increase compared to Q3 of 2019.

Because of the WhatsApp phishing URL detections, the percentage of phishing URLs for social media companies went up from 13.1% in Q3 to 24.1% in Q4. The brands completing the top ten were Bank of America (6th position), followed by CIBC (7th), Desjardins (8th), Apple (9th), and Amazon (10th). There was additionally a big increase in phishing URLs impersonating Instagram, which grew by 187.1% in Q4.

Organizations in the financial services were the most often impersonated in Q4 for the second successive quarter. Although phishers do impersonate big banking institutions, Vade Secure remarks that phishers are nowadays favoring smaller financial establishments, which may not have strong security controls in place to spot brand impersonation.

Vade Secure states that phishing attacks impersonating note services like OneNote and Evernote markedly increased, besides the increase in phony OneDrive and SharePoint notifications that direct to websites hosting phishing kits.