Phishing Impersonation and Attack Trends in 2021

Stu Sjouwerman | Mar 9, 2022

Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.

“Barely edging Microsoft out of the top spot, Facebook is the most impersonated brand of 2021, representing 14% of phishing pages analyzed by Vade,” the researchers write. “Facebook, which sat at #2 on the Phishers’ Favorites list in 2020, has seen increased interest from phishers over the last two years. While Facebook has dominated social media for more than a decade, disruptive social changes, including COVID-19 and political unrest, created a perfect storm for phishers to capitalize on the last two years. Always ready to exploit a bad situation, phishers have no doubt kept tabs on Facebook and found ample opportunities to exploit its users.”

The two atop the leader board may both be IT companies, but another sector is heavily represented in the field. Unsurprisingly, more than a third of phishing attacks impersonated companies in the financial industry.

“Representing 35% of all phishing pages, financial services was the most impersonated industry of the year,” Vade says. “Crédit Agricole, Chase, Wells Fargo, and PayPal are among the top 20 most impersonated brands, while financial services overall had six brands on the list.”

The researchers also observed an increase in tech support scams that encouraged recipients to call a phone number rather than click a link in the email.

“In March 2021, Vade began tracking a phishing campaign that impersonated several antivirus providers, including Norton, McAfee, and Microsoft,” the researchers write. “Unlike traditional phishing emails, the tech support scams did not include links but phone numbers. Users were urged to call a phone number in the footer of the email to either renew their subscriptions or be charged a renewal fee. Once on the phone, users are lured by hackers who convince the users that their computers are infected with malware. Vade detected 1 million tech support scam emails between March and April 2021.”
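The traits Vade describes for this campaign (an antivirus brand name, no links, a phone number, and renewal-fee pressure) can be combined into a mail-filter heuristic. The sketch below is an added example, not code from Vade or KnowBe4; the keyword list, the phone-number pattern, the sender-domain check, and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Brands the report names for this campaign, mapped to their real domains.
BRAND_DOMAINS = {"norton": "norton.com", "mcafee": "mcafee.com",
                 "microsoft": "microsoft.com"}
# Assumed billing-pressure keywords; tune against your own mail flow.
BILLING = ("renew", "subscription", "charged")
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
# North American number formats only (a simplifying assumption).
PHONE_RE = re.compile(r"\(?\b\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")

def signals(raw):
    """Return the campaign traits found in one raw RFC 822 message."""
    msg = message_from_string(raw)
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    text = (msg.get("Subject", "") + "\n" + body).lower()
    domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # Real domains of every brand the message mentions.
    named = [d for b, d in BRAND_DOMAINS.items() if b in text]
    return {
        "no_links": URL_RE.search(text) is None,
        "phone_number": PHONE_RE.search(text) is not None,
        "billing_pressure": any(k in text for k in BILLING),
        # Brand is named, but the sender is not on that brand's domain.
        "brand_mismatch": any(domain != d and not domain.endswith("." + d)
                              for d in named),
    }

def is_callback_scam_suspect(raw):
    """Flag only when every trait is present, to limit false positives."""
    return all(signals(raw).values())

# Constructed sample messages (not taken from the report).
SCAM = """From: Norton Billing <billing@mail-notice.example>
Subject: Your subscription renewal

Your Norton subscription renews today and you will be charged.
Support: +1 (800) 555-0100
"""
LEGIT = """From: Norton <no-reply@norton.com>
Subject: Your subscription

Manage your subscription at https://norton.com/
"""
```

A hit is a reason to quarantine or banner the message for review, not proof of fraud: any ten-digit number satisfies the phone pattern, and a sender domain can be spoofed unless SPF, DKIM and DMARC results are checked as well.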

New-school security awareness training can enable your employees to recognize phishing attacks.
