Microsoft claimed the top spot as the number one most impersonated brand in Q4 2023 to steal individual’s personal information or payment credentials, according to Check Point’s latest Brand Phishing Report, accounting for 33% of all brand phishing attempts.

The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%. Social networks and banking represented the other two most targeted industries.

Consumer spending associated with the festive period saw cybercriminals continue to target retailers and couriers in Q4 2023.

The widely-recognised package delivery brand DHL moved into the Top 10, possibly due to increased activity during the November shopping month, while Amazon’s ranking can largely be attributed to the annual Amazon Fall Prime Day sale that was scheduled during the second week of October.

“While we have said goodbye to 2023 one thing has followed us into the new year and that is the threat of phishing. Even cybercriminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks” says Omer Dembinsky, data group manager at Check Point Software.

“Following the widespread use of AI, we can expect to see a higher volume of phishing campaigns this year that are even more indistinguishable from genuine company communications. As the biggest names in technology, social networking and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand.”

The Top 10 brands ranked by their overall appearance in brand phishing events during Q4 2023 are: Microsoft (33%); Amazon (9%); Google (8%); Apple (4%); Wells Fargo (3%); LinkedIn (3%); Home Depot (3%); Facebook (3%); Netflix (2%); and DHL (2%).