DUBAI, UAE: Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP) and a leading provider of cyber security solutions globally, has published its Brand Phishing Report for Q4 2023. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during October, November and December 2023.
Last quarter, Microsoft claimed the top spot as the number one most impersonated brand, accounting for 33% of all brand phishing attempts. The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%. Social networks and banking represented the other two most targeted industries.
Consumer spending associated with the festive period saw cybercriminals continue to target retailers and couriers in Q4 2023.
The widely recognized package delivery brand DHL moved into the top ten, possibly due to increased activity during the November shopping month, while Amazon’s ranking can largely be attributed to the annual Amazon Fall Prime Day sale that was scheduled during the second week of October.
“While we have said goodbye to 2023, one thing has followed us into the new year and that is the threat of phishing. Even cybercriminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks” said Omer Dembinsky, Data Group Manager at Check Point Software.
“Following the widespread use of AI, we can expect to see a higher volume of phishing campaigns this year that are even more indistinguishable from genuine company communications. As the biggest names in technology, social networking and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand.”
Top Phishing brands
Below are the top 10 brands ranked by their overall appearance in brand phishing events during Q4 2023:
- Microsoft (33%)
- Amazon (9%)
- Google (8%)
- Apple (4%)
- Wells Fargo (3%)
- LinkedIn (3%)
- Home Depot (3%)
- Facebook (3%)
- Netflix (2%)
- DHL (2%)
Microsoft Phishing Email – Email Verification Scam
This deceptive email, posing as the Microsoft account team, claimed to require email address verification and urged recipients to click a verification link. It featured a subject line “Microsoft: Verify your email address” aiming to create a sense of urgency. The phishing link included in the email was: “cloudflare-ipfs[.]com/ipfs/bafybeigjhhhd64vhna67panxz6myhaelya6vphjbic65jog5hvm4mmgpum”.
This link is not associated with Microsoft. The email requested recipients to verify their email address and may potentially lead to fraudulent activities.
Follow Check Point via:
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies
X: https://twitter.com/checkpointsw
Facebook: https://www.facebook.com/checkpointsoftware
Blog: https://blog.checkpoint.com
YouTube: https://www.youtube.com/user/CPGlobal
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cybersecurity solutions to corporate enterprises and governments globally. Check Point Infinity’s portfolio of solutions protects enterprises and public organizations from 5th generation cyberattacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises four core pillars delivering uncompromised security and threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management; Check Point Horizon, a prevention-first security operations suite. Check Point protects over 100,000 organizations of all sizes.