DHL, Microsoft, WhatsApp top phishing list of most imitated brands

0
239

Jonathan Greig

Written by

Jonathan Greig, Staff Writer

Jonathan Greig

Jonathan Greig
Staff Writer

Jonathan Greig is a journalist based in New York City.

Full Bio

on January 17, 2022

| Topic: Security

DHL took over the top spot of Check Point Research’s list of the most imitated brands among cybercriminals this year, surpassing Microsoft and Google as the brand used most often in phishing emails and scams. 

The company’s Q4 Brand Phishing Report for 2021 ranks the top 10 most imitated brands in October, November and December. Researchers at Check Point found DHL’s brand used in 23% of all phishing attacks they saw globally. Microsoft was second at 20% while WhatsApp came in at 11% and Google appeared in 10%. 

image007-1.png

On the left side — the fraudulent login page with credentials request. On the right side — a real DHL login page.

Check Point Research

The rest of the list includes LinkedIn, Amazon, FedEx, Roblox, PayPal and Apple. Omer Dembinsky, data research group manager at Check Point Software, said it is important to remember that cybercriminals are opportunists and will often take advantage of consumer trends by imitating popular brands. 

“This quarter, for the first time, we’ve seen global logistics company DHL top the rankings as the most likely brand to be imitated, presumably to capitalize on the soaring number of new and potentially vulnerable online shoppers during the year’s busiest retail period,” Dembinsky said. 

“Older users in particular, who are less likely to be as technologically savvy as younger generations, will be shopping online for the first time and might not know what to look for when it comes to things like delivery confirmation emails or tracking updates. Furthermore, the rise in COVID cases has people relying on the shipping service more, and cyber criminals are likely trying to capitalize on people choosing to stay in doors more.”

The researchers also found that social media platforms were being spoofed more often as well, with sites like LinkedIn moving from 8th position to 5th compared to Q3 and now accounting for 8% of all phishing-related attacks. WhatsApp moved from 6th to 3rd. 

screen-shot-2022-01-17-at-5-53-22-am.png

Check Point Research

“That social media would continue to be heavily targeted by bad actors looking to take advantage of those leaning more heavily on channels like WhatsApp, Facebook and LinkedIn as a result of remote working and other fallouts from the pandemic,” Dembinsky explained. 

“Unfortunately, there’s only so much brands like DHL, Microsoft and WhatsApp — which represent the top 3 most imitated brands in Q4 — can do to combat phishing attempts. It’s all too easy for the human element to overlook things like misspelt domains, typos, incorrect dates or other suspicious details, and that’s what opens the door to further damage. We’d urge all users to be very mindful of these details when dealing with the likes of DHL in the coming months.”

Security

Log4j: How hackers are using the flaw to deliver this new ‘modular’ backdoor

When open-source developers go bad

Remote Access Trojans spread through Microsoft Azure, AWS abuse

The 5 best VPN services in 2022

Security TV

|
Data Management

|
CXO

|
Data Centers