Apple, Netflix, Yahoo and WhatsApp are the top four brands frequently used in phishing scams, according to Check Point Research, the threat intelligence unit of Israeli network Security Company, Check Point Software Technologies.
The “brand phishing report for the first quarter of 2020” highlights companies that were most frequently imitated by criminals in order to steal personal information or payment credentials.
In a brand phishing attack, criminals usually try to imitate the official website of a well-known brand by creating a similar domain name or website design. The link is then accompanied by alluring text in emails and messages to persuade users into opening the malicious content.
A user is then either redirected while browsing or the scam is triggered through fraudulent mobile applications.
“Phishing will continue to be a growing threat in the coming months, especially as criminals continue to exploit the fears and needs of people using essential services from their homes. As always, we encourage users to be vigilant and cautious when divulging personal data,” Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point, said.
The fake website usually contains forms designed to steal users’ credentials, payment details or other information.
According to the report, about 10% of all brand phishing attempts used Apple to lure victims. Streaming app Netflix came in second with 9%, probably driven by the increase in viewership on the OTT app owing to the Covid-19 lockdown. The next three on the list included Yahoo (6%), WhatsApp (5%) and PayPal (5%).
The most likely industry targeted by brand phishing was technology, followed by banking and then social media.
The other brands in the top ten include J.P. Morgan’s Chase bank at 5%, Facebook and Microsoft at 3% each, online retail store eBay at 3% and Amazon, which surprisingly had only 1% of the total brand phishing attempts under its name.
However, the traditional email phishing method only accounted for 18% of all hacking attempts in the first quarter of 2020. Web browsing stood at 59% and mobile platforms at 23%.
In terms of emails, users were more likely to come across Yahoo, Microsoft and Amazon as bait from hackers. Brands like Apple, Netflix, and WhatsApp are among the top companies to watch out for during web browsing and mobile browsing.
The report took into consideration inputs from over 250 million addresses which were analysed for bot discovery and phishing attacks. The ThreatCloud database of the company holds close to 11 million malware signatures and info on over 5.5 million infected websites whose data is used to find newer threats.