Once again, Microsoft was granted the top spot as the most impersonated company, in this quarter’s Vade Secure’s Phishers’ Favourites report.
Vade’s machine used learning algorithms to analyse data from more than 600 million protected mailboxes worldwide and performed real-time analysis of the URL and page content to identify the brand being impersonated.
In Q2 2019, the AI engine detected 20,217 unique Microsoft phishing URLs- averaging at more than 222 per day; which is a 15.5% YoY increase compared to the same quarter last year. The company has also ranked number one on the Phisher’s Favourites list every quarter since the release of the official rankings.
Cybercriminals often like to target users of Office 365 for their credentials, as they provide a single entry point to the entire platform, allowing them to go onto infiltrate the entire business.
Facebook has also had its fair share of phishers, with a 175.8% increase in phishing URLs; advancing the company up to the third position. This is likely due to the increase in the use of Facebook Login to sign into other sites, which makes it easier for hackers to gain access to those accounts too.
Chief Solution Architect at Vade Secure, Adrien Gendre, warns both organisations and individuals to be wary of the prevalence of the attacks:
Cybercriminals are more sophisticated than ever, and the ways they target corporate and consumer email users continued to evolve in Q2.
Microsoft Office 365 phishing is the gateway to massive amounts of corporate data, while gaining access to a consumer’s Facebook log-in information could compromise much of their personal, sensitive information. The fact that we saw such a significant volume in impersonations of these two brands, along with the coinciding new methods of attack, means that virtually all email users and organizations need to be on heightened alert.
In the list of the top 10 most impersonated brands, PayPal came in at number 2, and Netflix number 4, followed by Bank of America, Apple, CIBC, Amazon, DHL and DocuSign.
Amazon also saw a massive increase in phishing URLs, with a 182.6% increase since Q1, and 411.5% YoY. New Amazon phishing kits were reported in both May and in the time prior to Prime Day 2019.
In terms of industries, cloud companies were the most impersonated, taking the top spot for the fifth quarter in a row with 37.6%. Financial services made up 33.1%, social media 15.6%, followed by e-commerce/logistics with 7.7% and finally internet/telco contributing to 5.2%.
Interestingly, Tuesday and Wednesdays were the most popular days for cybercriminals to attempt attacks, with 80% of phishing taking place on weekdays. Maybe hackers also need a weekend after a hard week of scamming.
Microsoft published a blog post earlier this year, which outlines all of the anti-spoofing protection methods that are available in Office 365, in order to reduce the likelihood of users suffering a phishing attack. Check it out here.