KnowBe4 Security Awareness Training Blog

Microsoft Remains the Most Impersonated Brand in Phishing Attacks, with Facebook Phishing Surging

Written by Stu Sjouwerman | Sep 18, 2019 11:23:56 AM

For the fifth quarter in a row, Microsoft is the favorite domain of choice for scammers using phishing attacks to lure their victims into clicking on malicious content.

Each quarter, security vendor Vade Secure publishes its Phisher’s Favorites report, listing the top domains being leveraged in some very sophisticated phishing attacks.

As with last quarter’s coverage, the top five domains remain the same (listed in last quarter’s order): Microsoft, PayPal, Netflix, Facebook, and Bank of America. But this quarter’s report shows Facebook impersonation surging materially: it has not only moved well past Netflix to become the third-most impersonated brand, but is also encroaching on PayPal’s number two spot.

Microsoft’s dominance reflects the lucrative nature of Office 365 credentials: with a single credential, attackers can potentially access a wealth of information and services that no other account offers. These attacks are also getting more sophisticated, according to Vade Secure, with phishers continuing to repurpose JavaScript, CSS, and other code from the legitimate Microsoft website to recreate an identical user experience that fools even the savviest users.
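Because a cloned login page looks identical to the real one, the most reliable signal left to a defender is the destination itself: a link that invokes a brand name while pointing somewhere outside that brand’s legitimate domains. The following is an added example, not KnowBe4’s or Vade Secure’s code, of a mail-gateway style check that extracts links from an HTML email body and flags that mismatch. The brand allowlist and the sample email are constructed for illustration, and the simple two-label domain extraction is an assumption that a real deployment would replace with a public suffix list.

```python
"""Flag links whose visible text or URL invokes a well-known brand while the
actual destination host lies outside that brand's legitimate domains.

Added example (not from the original post). The allowlist below and the
sample email are constructed for illustration only."""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist (assumption): registered domains each brand legitimately uses.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "live.com", "office.com", "microsoftonline.com"},
    "paypal": {"paypal.com"},
    "netflix": {"netflix.com"},
    "facebook": {"facebook.com", "fb.com"},
}


def registered_domain(host: str) -> str:
    """Return the last two labels of a hostname. Good enough for the .com
    brands in this example; production code should use the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def brands_mentioned(text: str) -> set:
    """Brands whose name appears anywhere in the given text (case-insensitive)."""
    low = text.lower()
    return {brand for brand in BRAND_DOMAINS if brand in low}


def is_impersonation(href: str, visible_text: str) -> bool:
    """True when the link invokes a brand (in its text or its URL) but the
    destination's registered domain is not one the brand legitimately uses."""
    host = urlparse(href).hostname or ""
    mentioned = brands_mentioned(visible_text) | brands_mentioned(href)
    if not mentioned:
        return False  # no brand invoked, nothing to compare against
    reg = registered_domain(host)
    return not any(reg in BRAND_DOMAINS[brand] for brand in mentioned)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def suspicious_links(html: str) -> list:
    """Return the (href, text) pairs in an HTML body that look like brand impersonation."""
    parser = LinkExtractor()
    parser.feed(html)
    return [(h, t) for h, t in parser.links if is_impersonation(h, t)]


# Constructed sample email body (hostnames use documentation/example ranges).
SAMPLE_EMAIL = """
<p>Your Office 365 mailbox is almost full.</p>
<a href="https://login.microsoftonline.com/">Sign in to Microsoft 365</a>
<a href="https://login.microsoftonline.com.mail-quota-check.example/">Verify your Microsoft account</a>
<a href="https://www.netflix.com/browse">Netflix</a>
<a href="http://203.0.113.5/fb/login">Facebook security alert</a>
"""

if __name__ == "__main__":
    for href, text in suspicious_links(SAMPLE_EMAIL):
        print(f"SUSPICIOUS: '{text}' -> {href}")
```

Of the four links in the constructed sample, the genuine Microsoft and Netflix links pass, while the subdomain-stuffed host and the bare IP address are flagged because the brand they invoke does not own their registered domain. The check deliberately ignores how the page looks, which is exactly the property a pixel-perfect clone cannot fake.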

With such well-known and widely used brands being exploited to create an illusion of legitimacy, organizations need continual Security Awareness Training that teaches users not just to stay vigilant for malicious email and web content, but also to keep a security-centric mindset while they work.

Seeing these same brands used quarter after quarter tells you one key piece of information – they’re working well for the cybercriminal. You’re going to need to step up your security awareness game to even have a chance of stopping these kinds of attacks.