“Phishing emails are a prominent tool in every hacker’s arsenal as they are fast to deploy and can target millions of users at relatively low cost,” said Omer Dembinsky, Data Research Group Manager at Check Point Software.
Professional networking platform LinkedIn continued to be the most imitated brand by cyber criminals to trick people into giving up their personal data in the second quarter (Q2) this year, a report showed on Tuesday.
While LinkedIn was at the top with 45 per cent of all phishing attempts in Q2, its parent company Microsoft moved to the second spot with 13 per cent of all phishing attempts, edging DHL into third place with 12 per cent share, according to Check Point Research.
Some new brands entering the top 10 were adidas, Adobe, and HSBC.
“Phishing emails are a prominent tool in every hacker’s arsenal as they are fast to deploy and can target millions of users at relatively low cost,” said Omer Dembinsky, Data Research Group Manager at Check Point Software.
“They give cybercriminals the opportunity to leverage the reputation of trusted brands to give users a false sense of security that can be exploited to steal personal or commercial information for financial gain,” Dembinsky added.
Social networks generally continue to be the most imitated category, followed by technology which, this quarter, took over second place from shipping.
The researchers said that the increase in the use of Microsoft-related scams is a danger to both individuals and organisations.
“Once someone has hold of your account login details, they have access to all the applications behind it, such as Teams and SharePoint, as well as the obvious risk of compromise to your Outlook email account,” the report mentioned.
The report highlighted a specific example of an Outlook phishing email luring users to a fraudulent Outlook web page with the subject line: “[Action Required] Final Reminder – Verify your OWA Account now”, asking the victim to enter their login credentials.
LinkedIn based phishing campaigns imitated the style of communication of the professional social media platform with malicious emails using subjects like: “You appeared in 8 searches this week” or “You have one new message” or “I’d like to do business with you via LinkedIn.”
Although appearing to come from LinkedIn, they used an email address that was completely different to that of the brand.
Other brands in the top 10 list by Check Point were Amazon (9 per cent), Apple (3 per cent), Google (1 per cent) Netflix (1 per cent), and Adobe (1 per cent).
– IANS