LinkedIn is the Most Impersonated Brand in Phishing Attacks

Stu Sjouwerman | Apr 21, 2022

Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found.

“Social media networks have now overtaken shipping, retail and technology as the category most likely to be targeted by criminal groups,” the researchers write. “So far this year, LinkedIn has been related to more than half (52%) of all phishing-related attacks globally, marking the first time the social media network has reached the top of rankings. It represents a dramatic 44% uplift from the previous quarter, when LinkedIn was in fifth position and related to only 8% of phishing attempts. LinkedIn has now overtaken DHL as the most targeted brand, which has now fallen to second position and accounted for 14% of all phishing attempts during the quarter.”

Shipping companies are still in second place, with DHL and FedEx impersonation accounting for a significant portion of phishing attacks.

“Shipping is now the second most targeted category, with threat actors continuing to take advantage of the general rise in e-commerce by targeting consumers and shipping companies directly,” the researchers write. “DHL is second to LinkedIn, accounting for 14% of phishing attempts; FedEx has moved from seventh position to fifth, now accounting for 6% of all phishing attempts; and Maersk and AliExpress have entered the top ten list for the first time. Our report highlights one particular phishing strategy that used Maersk-branded emails to encourage the download of spoof transport documents, infecting workstations with malware.”

Attackers have also impersonated shipping giant Maersk with phishing emails that deliver the Agent Tesla malware.

“During the first quarter of 2022, we observed a malicious phishing email that used Maersk’s branding and was trying to download the Agent Tesla RAT (Remote Access Trojan) to the user’s machine,” the researchers write. “The email which was sent from a webmail address and spoofed to appear as if it was sent from ‘Maersk Notification (service@maersk[.]com)’, contained the subject, ‘Maersk : Verify Copy for Bill of Lading XXXXXXXXX ready for verification.’ The content asked to download an excel file ‘Transport-Document’, that would cause the system to be infected with Agent Tesla.”
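The Maersk email described above pairs a trusted-looking display name with a webmail sender address, and a mail filter can test for exactly that mismatch. The following is an added sketch, not code from Check Point or KnowBe4; the function name, the brand map, the `webmail.example` domain and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: a brand -> legitimate-domain map and a set of
# free webmail domains. "webmail.example" is a constructed placeholder.
BRAND_DOMAINS = {"maersk": "maersk.com"}
WEBMAIL_DOMAINS = {"webmail.example"}

# An e-mail address embedded in the display name; group 1 is its domain.
ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def check_from(raw_message):
    """Return a list of findings for the From header of one raw message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    # 1. The display name shows an address from a different domain than
    #    the one the message was really sent from.
    shown = ADDR_IN_NAME.search(display)
    if shown and shown.group(1).lower() != domain:
        findings.append("address-in-display-name")
    # 2. The display name uses a brand whose domain the sender is not in.
    for brand, brand_domain in BRAND_DOMAINS.items():
        in_brand = domain == brand_domain or domain.endswith("." + brand_domain)
        if brand in display.lower() and not in_brand:
            findings.append("brand-mismatch")
    # 3. Either mismatch combined with a free webmail sender.
    if findings and domain in WEBMAIL_DOMAINS:
        findings.append("webmail-sender")
    return findings

# Constructed sample messages (the sender address is made up).
PHISH = (
    'From: "Maersk Notification (service@maersk.com)" <billing77@webmail.example>\n'
    "Subject: Maersk : Verify Copy for Bill of Lading XXXXXXXXX ready for verification.\n"
    "\nPlease download the attached Transport-Document.\n"
)
LEGIT = (
    "From: Maersk Notification <service@maersk.com>\n"
    "Subject: Shipment update\n"
    "\nYour shipment status has changed.\n"
)

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(label, check_from(raw))
```

The check reads only the From header, so it complements SPF, DKIM and DMARC evaluation and does not replace it.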

New-school security awareness training can enable your employees to recognize phishing and other social engineering attacks.
