MADRID, 16 Jul. (Portaltic/EP) –
Microsoft is the company that cybercriminals pay most attention to in their ‘phishing’ campaigns with the aim of stealing personal information or payment credentials from victims, used in 45 percent of all brand spoofing attempts in the second quarter of 2021.
In the second quarter, in which Microsoft warned of a new Russian ‘phishing’ campaign by Nobelium, the tech giant was once again the brand most used by cybercriminals, as in the first quarter of 2021 and the last of 2020.
Of the total number of brand ‘phishing’ attempts, 45 percent were related to Microsoft in the second quarter (six points more than in the first). DHL shipping company maintained its position as the second most impersonated brand, with 26 percent of all ‘phishing’ attempts related to it, while Amazon occupies the third position (11%).
These data are extracted from the Check Point Research ‘Brand Phishing Report’, corresponding to the second quarter of 2021. The report collects the companies in which cybercriminals pay more attention to develop their ‘phishing’ campaigns with the aim of steal personal information or payment credentials from victims.
This latest report also reflects that the technology remains the sector most likely to be subject to ‘phishing’, followed by shipping and retail. In the first quarter of 2021, the bank occupied the position of the stores, but these have already recovered their third position, possibly due to the sales of Amazon Prime Day, as indicated by the technology company in a statement.
The Director of Data Intelligence at Check Point, Omer Dembinsky, has stated that “attempts to steal personal data impersonating big brands are on the rise”, and has given as an example the run up to Amazon Prime Day in the second quarter, when they registered more than 2,300 new domains on Amazon.
The manager has also highlighted a global increase in the second quarter of ‘ransomware’ attacks, which are often initially spread via ‘phishing’ emails containing malicious attachments.
BRAND PHISHING ATTACK
In a branded ‘phishing’ attack, cybercriminals try to impersonate the official website of a well-known brand using a domain name or URL and web design similar to the genuine site.
The fake link can be sent to victims by email or text message, but you can also redirect a user during web browsing, or activated from a fraudulent mobile application. Often times, such a fake website contains a form intended to steal users’ credentials, payment details, or other personal information.