Nearly a third of all breaches in the past year involved phishing, according to the 2019 Verizon Data Breach Investigations Report. Similarly, phishing was present in 78% of cyber-espionage incidents and the installation and use of backdoors to networks.
Information security is paramount for all businesses, and phishing poses a serious threat. Phishing works because we’re human, and we make mistakes: either because we’re in a rush and our defences are lowered, or because we think we’re too smart to fall for a phishing attempt (a recent study showed that we often fail to recognize risk when assessing our own actions, while spotting it more easily when assessing other people’s behavior). But none of us is immune, especially when the criminals behind attacks impersonate familiar, trusted brands that we interact with often.
‘Brand phishing’ involves the attacker imitating an official website of a known brand by using a similar domain or URL, and usually a web page similar to the original website. The link to the deceptive website can be sent via email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. In many cases the website contains a form intended to steal credentials, personal information or payments.
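The lookalike domains described above can be screened for on the defender’s side (in mail gateway logs, proxy logs or newly registered domain feeds). The following is an added example and not Check Point’s own code or tooling: it normalizes a hostname (decoding punycode labels, stripping accents and mapping a small, constructed subset of Unicode confusables to their Latin look-alikes) and then compares the registrable label against a constructed list of brand names using edit distance and substring checks. The brand list, the confusable table and the hostnames are all constructed for the example, and the registrable domain is taken naively as the label before the TLD rather than via the Public Suffix List.

```python
import unicodedata

# Constructed brand list for this example (not data from the report).
BRANDS = ("google", "amazon", "apple", "paypal", "microsoft")

# Small, constructed subset of Unicode confusables: Cyrillic letters that render
# like Latin ones, plus digits/symbols commonly swapped for letters. A production
# tool would load the full Unicode confusables.txt table instead.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "0": "o", "1": "l", "3": "e", "5": "s", "$": "s", "@": "a",
})


def normalize_host(host: str) -> str:
    """Lower-case, decode IDNA (punycode) labels, strip accents, map confusables."""
    labels = []
    for label in host.strip().lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label.encode("ascii").decode("idna")
            except UnicodeError:
                pass  # not valid punycode: keep the raw label
        # NFKD separates accented letters into base letter + combining mark;
        # dropping the marks turns e.g. "ä" into "a" for comparison purposes.
        label = "".join(ch for ch in unicodedata.normalize("NFKD", label)
                        if not unicodedata.combining(ch))
        labels.append(label.translate(CONFUSABLES))
    return ".".join(labels)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert/delete/substitute, each costing 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def analyze_host(host: str, brands=BRANDS, max_distance: int = 1):
    """Return (brand, reason) if the host looks like a brand impersonation, else None.

    Assumption: the registrable domain is the label directly before the TLD.
    Real deployments should use the Public Suffix List (co.uk, com.au, ...).
    """
    raw = host.strip().lower().rstrip(".")
    norm = normalize_host(host)
    labels = norm.split(".")
    if len(labels) < 2:
        return None
    registrable, subdomains = labels[-2], labels[:-2]
    for brand in brands:
        if registrable == brand:
            # Exact match after normalization. If the raw host already read the
            # same, treat it as the brand's own domain; otherwise characters were
            # substituted (homoglyphs, punycode, digit-for-letter).
            return (brand, "homoglyph") if norm != raw else None
        if edit_distance(registrable, brand) <= max_distance:
            return (brand, "typosquat")            # e.g. paypall.example
        if brand in registrable:
            return (brand, "combosquat")           # e.g. paypal-secure-login.example
        if any(brand in label for label in subdomains):
            return (brand, "brand-in-subdomain")   # e.g. apple.com.verify.example
    return None


if __name__ == "__main__":
    # Constructed sample hostnames, as they might appear in a proxy or mail log.
    for sample in ("mail.google.com", "p\u0430ypal.com", "paypa1.com",
                   "paypall.com", "paypal-secure-login.example",
                   "apple.com.verify.example"):
        print(f"{sample!r:40} -> {analyze_host(sample)}")
```

Each finding carries the reason it fired, which is what an analyst wants when triaging: a homoglyph hit on a brand’s exact name is a much stronger signal than a distance-1 typo on a short brand name, and thresholds such as `max_distance` should be tuned per brand length to keep false positives down.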
While we all try to get used to the Covid-19 pandemic’s ‘new normal’ in our work and home lives, this year has been a time of unprecedented opportunity for cyber-criminals. The global response to the pandemic, and our desire for the latest information about it, has supercharged criminals’ and hackers’ business-as-usual models of phishing emails and fake websites.
Google and Amazon lead, Apple falls
Check Point Research’s latest Brand Phishing Report, covering Q2 2020, shows that Google and Amazon were the most imitated brands in phishing attempts, while Apple, the leading phishing brand in Q1, fell from the top spot to 7th place [chart above]. The total number of brand phishing detections remained stable compared to Q1 2020.
Email phishing exploits were the second most common type after web-based exploits, compared to Q1, when email was third. The reason for this change may be the easing of global Covid-19 related restrictions, which has seen businesses re-opening and employees returning to work.
Here is the analysis of brand phishing statistics for Q2 2020, together with examples of phishing campaigns which aimed to generate direct profit by impersonating Apple iCloud and PayPal.
Top 10 brands ranked by their overall appearance in brand phishing events during Q2 2020:
Top brand industry sectors
3. Social Network
Top phishing brands per vector
When examining the different vectors used, we can see some noticeable differences in the brands being used in each vector: for example, the focus in mobile is on major technology brands and media.
Email (24% of attacks)
Web (61% of attacks)
Mobile (15% of attacks)
However, organizations should prevent zero-day attacks with an end-to-end cyber architecture that blocks deceptive phishing sites and provides alerts on password reuse in real time.