Microsoft takes top spot as most impersonated brand in phishing

Microsoft tops Vade's phishing report, which has some good news: The overall number of phishing attacks declined in the second quarter.

Microsoft toppled Facebook for the top spot in the 25 most impersonated brands by phishers in the first half of 2022, with a total of 11,041 unique phishing URLs, according to Vade's latest Phishers' Favorites report.

Facebook, which was the most impersonated company in 2021, followed close behind in the second spot, with 10,448 phishing URLs, according to Vade, which offers an email filtering service for phishing, malware, spear phishing, and spam.

Other brands rounding out the top five in the list included Credit Agricole, WhatsApp, and Orange.

There was some good news in the report: The total number of phishing attacks decreased in the second quarter compared to the first. 

That's because, even though the number of phishing attacks impersonating major brands like Microsoft and Facebook increased quarter over quarter, the first quarter of the year saw the most phishing attacks overall, with 81,447 unique phishing URLs detected, compared to 53,198 in the second quarter.

Microsoft, Facebook phishing rode on creative tactics

Microsoft’s widely popular 365 platform, with more than 240 million business subscribers, has created an irresistible target, fuelling a 266 per cent quarter-over-quarter jump in phishing attacks impersonating the brand this year.

According to Vade’s findings, the Microsoft brand was used in a large number of technical support scams, as were other companies like McAfee, Norton, Apple and Amazon. What was different in these scams is that hackers used phone numbers rather than phishing links to lure users and bypass email filters.

For instance, in June, hackers impersonated Microsoft Defender, alerting the intended victim about a $299.00 subscription payment supposedly posted to their bank account, which could only be cancelled via phone within 24 hours. When victims called the number listed in the alert, hackers would try to take control of users’ computers to install spyware.

Equally creative tactics were noticed in Facebook phishing, which included sending emails that indicated a user was being locked out of their social media accounts for "violation of Community Standards." Subsequently, the victim had to click on "disagree with decision" within 30 days in order to regain access, thereby initiating the phishing payload.

Another phishing attack asked users to confirm their identity with formal documents, saying that it was required by Facebook’s "renewed privacy policy."

Financial, cloud sectors are biggest phishing targets

Financial services topped the list of most impersonated industries in phishing, with eight brands in the top 25. The top phished brands in the space include Credit Agricole, MTB, and PayPal, recording a 203 per cent, 332 per cent, and 305 per cent quarter-over-quarter increase respectively.

Cloud services, with a contribution of six names in the top 25 list, were the second most impersonated segment, including brands like Microsoft, Google, Netflix, Adobe, and Docusign.

While financial services represented 34 per cent of all unique phishing URLs detected, cloud and internet/telco companies contributed 19 per cent. Social media, e-commerce, and government sectors had a 17 per cent, 10 per cent, and one per cent share, respectively.

Another key finding in the report was that most phishing attacks were observed during the weekdays, with Tuesdays being the most active.
