
Phishing Attack Research: Facebook Tops Most Imitated Brands

Phishers most often tricked victims into unknowingly giving up their personal information by imitating Facebook’s brand, according to a new Check Point report on brand phishing.

To fight back against such attacks, MSPs and MSSPs can offer cybersecurity awareness training and associated tools to end customers.

Without proper security defenses and training in place, customers could fall for increasingly convincing phishing attacks that imitate legitimate brands.

To wit, Check Point's Q4 2019 Brand Phishing Report sought out brands that were most frequently parroted by cyber criminals looking to steal individuals’ personal information or payment credentials. In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a domain name or URL and web-page design similar to the genuine site.

During Q4 2019, there were significant differences in the brands being used in each phishing vector examined: Web, email and mobile. The Web accounted for 48 percent of all phishing attacks globally in Q4 2019, email comprised 27 percent during the period, and mobile generated 25 percent of all phishing attacks in that same quarter. Of note, while Facebook was the most imitated brand overall for phishing, Spotify was among the most imitated for Web-based attempts, Yahoo! for email-based attacks and Chase Mobile Banking for mobile hits.

Here are the study’s findings, starting with the top phishing brands overall in Q4 2019, ranked by how many times they appeared in brand phishing attempts, followed by top brands in Web-based attacks, email platforms and mobile:

Overall brand:

  • Facebook (related to 18% of all brand phishing attempts globally)
  • Yahoo (10%)
  • Netflix (5%)
  • PayPal (5%)
  • Microsoft (3%)
  • Spotify (3%)
  • Apple (2%)
  • Google (2%)
  • Chase (2%)
  • Ray-Ban (2%)

Web (48% of all phishing attacks in Q4)

  • Spotify
  • Microsoft
  • PayPal
  • Facebook

Email (27% of all phishing attacks during Q4)

  • Yahoo
  • Ray-Ban
  • Microsoft
  • Dropbox

Mobile (25% of all phishing attacks in Q4)

  • Chase Mobile Banking
  • Facebook
  • Apple
  • PayPal

“Cybercriminals are using a variety of attack vectors to trick their intended victims into giving up personal information and login credentials or transferring money,” said Maya Horowitz, Check Point threat intelligence & research product director. “Although this is often done using spam emails, we have also seen attackers obtain credentials to email accounts, study their victim for weeks and craft a targeted attack against partners and customers to steal money. Over the last two years, incidences of this type of attack have spiked with the increased use of cloud-based email, which makes it easier for criminals to disguise themselves as a trusted party.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.