Phishing Impersonation and Attack Trends in 2021

Phishing Impersonation and Attack Trends in 2021Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.

“Barely edging Microsoft out of the top spot, Facebook is the most impersonated brand of 2021, representing 14% of phishing pages analyzed by Vade,” the researchers write. “Facebook, which sat at #2 on the Phishers’ Favorites list in 2020, has seen increased interest from phishers over the last two years. While Facebook has dominated social media for more than a decade, disruptive social changes, including COVID-19 and political unrest, created a perfect storm for phishers’ to capitalize on the last two years. Always ready to exploit a bad situation, phishers’ have no doubt kept tabs on Facebook and found ample opportunities to exploit its users.”

The two atop the leader board may both be IT companies, but another sector is heavily represented in the field. Unsurprisingly, more than a third of phishing attacks impersonated companies in the financial industry.

“Representing 35% of all phishing pages, financial services was the most impersonated industry of the year,” Vade says. “Crédit Agricole, Chase, Wells Fargo, and PayPal are among the top 20 most impersonated brands, while financial services overall had six brands on the list.”

The researchers also observed an increase in tech support scams that encouraged recipients to call a phone number rather than click a link in the email.

“In March 2021, Vade began tracking a phishing campaign that impersonated several antivirus providers, including Norton, McAfee, and Microsoft,” the researchers write. “Unlike traditional phishing emails, the tech support scams did not include links but phone numbers. Users were urged to call a phone number in the footer of the email to either renew their subscriptions or be charged a renewal fee. Once on the phone, users are lured by hackers who convince the users that their computers are infected with malware. Vade detected 1 million tech support scam emails between March and April 2021.”

New-school security awareness training can enable your employees to recognize phishing attacks.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Anti-Phishing Guide ebook

Get the latest about social engineering

Subscribe to CyberheistNews