It is no secret that cybercriminals often pretend to be someone they are not to lure out people’s money or valuable information, and what can be better used for this purpose than a well-known and trusted brand?
According to new data from Atlas VPN, Microsoft and Zoom were the most commonly impersonated companies in phishing attacks in 2020. In total, 80% of all last year’s brand email phishing campaigns imitated Microsoft or Zoom to scam victims.
Microsoft was a definite leader over the other brand impersonators, being used in a whopping 28 536 unique phishing attempts and accounting for 70% of all last year’s brand phishing campaigns.
However, Zoom, which exploded in popularity amid the pandemic when industries turned to remote video communication tools, came in second. It was exploited in 3 803 brand phishing campaigns, which constitute more than 9% of all such attempts.
In the meantime, the third spot in the list is occupied by the world’s largest online retailer Amazon. Amazon’s brand name was taken advantage of in 2 747 or nearly 7% of all phishing campaigns impersonating well-known brands.
In total, over 12% of all last year’s phishing emails used brand impersonation as their tactics.
With Microsoft being the most phished brand, it is not surprising that the technology sector dominated phishing emails last year. Companies in the technology sector such as Microsoft, Netflix, DocuSign, LinkedIn, Apple, Dropbox, and ADP were exploited in close to 72% of all phishing campaigns that imitated existing brands.
The technology sector is followed by the telecommunication industry. Names of telecommunication industry leaders such as Zoom, RingCentral, eFax, Xerox, and AT&T were used in close to 14% of such phishing attempts in 2020.
Meanwhile, companies’ names in the retail industry were utilised in 8,5% of such phishing attempts in 2020. Notable brands include the already mentioned Amazon and CVS, as well as Sam’s Club and Walmart.
Ruth Cizynski, cybersecurity researcher and writer at Atlas VPN, says: “With the eruption of the global pandemic, most of our lives transferred online and cybercriminals were quick to take advantage of the situation by launching new scam schemes and phishing attacks. When it comes to the latter, fraudsters favoured brands and industries that people were relying on the most during the pandemic.”