Apple has remained the most imitated brand as per the latest brand phishing report. Read on to know more…
Brand popularity influences market trends and consumer behavior alike. However, certain nefarious elements of the cyberspace often feed off the popularity of famous brands for their own advantage. Apple has remained the most imitated brand as per the latest brand phishing report by Check Point, followed by Netflix, PayPal, and eBay. Apple was found to be the most vulnerable to brand phishing attacks, followed by the banking and media Industries.
What is Brand Phishing?
Brand phishing involves criminals trying to imitate an official website of a well-known brand by using a similar domain or URL, and designing a web page identical to the original website. As per the recent brand phishing report by Check Point, the tech industry was found to be the most vulnerable to attacks in brand phishing, followed by the banking and media industries.
Brand Phishing Report
According to Check Point’s latest Brand Phishing Report for Q1 2020, Apple customers are the biggest target of cybercriminals with 10% of all brand phishing attempts. The new security report by the researchers also revealed that web-based phishing campaigns accounted for 59% of attack attempts overall.
Apple suffered 10% of all brand phishing attempts globally for Q1 this year, rising to 1st position from the 7th spot in Q4 of 2019. Other brands following the sequence included Netflix at 9%, Yahoo and WhatsApp at 6%, PayPal and Chase at 5%, Facebook, eBay and Microsoft at 3% and Amazon at 1%.
Brand popularity in phishing attempts varies by attack vector. Here’s what the researchers found for different attack vectors, along with the most frequently impersonated brands for each vector.
• Web (59% of attacks) – Apple, Netflix, PayPal, eBay
• Mobile (23% of attacks) – Netflix, Apple, WhatsApp, Chase
• Email (18% of attacks) – Yahoo, Microsoft, Outlook, Amazon
Brand Phishing is very similar to other phishing attacks, except it imitates popular brands to establish trust among unsuspecting victims. Hackers attach the link to the fake website in emails or text messages, or it may be redirected to by a fraudulent mobile application.
The fake websites typically display a form seeking personal information of the users to steal their credentials, payment details, or something else.
In the current scenario, attackers are focused on COVID-19 related phishing campaigns. However, to identify such phishing attempts, whether it is brand or epidemy related, one must take several precautions such as:
• Observe the links received in the emails before clicking on it.
• Be careful of fake promotional offers with outlandish discounts on famous brands.
• Avoid providing your credentials to any unknown entities.
• Also, it is strongly advised to check domain names. One might spot spelling mistakes in a domain name, which is a common occurrence in phishing domains.