The latest data on brand phishing trends shows one brand dominating quarter over quarter, but also continuing to take on a larger share of the brand impersonation.
Take a guess which brand tops the list as the most impersonated in phishing attacks? If you guessed Microsoft, you’d be right. You’d also have been right last quarter, and the quarter before that – according to Check Point Research.
But what is fascinating about this is how the share of brand impersonation in phishing attacks is just running towards Microsoft:
In Q4 of 2023, Microsoft branding was used in 33% of phishing that used impersonation. In Q1 of 2024, it was 38%. In Q2 of 2024, is was 57%. And now in Q3 of 2024, it’s 61%.
It only makes sense – Microsoft 365 is the largest digital workspace, the credentials to such a platform would give threat actors access to other corporate resources, and users seem to continue to fall for attacks intent on stealing their credentials.
Also noteworthy is Apple’s rise from just bouncing around the top 4 spots to holding second place two quarters in a row, as well as the entrance of Alibaba to the top 10 list.
These quarterly reports make it clear that cybercriminals are going to continue to leverage global brands as a means of gaining the trust of their recipient victims, and to steal their credentials, infect their computers, and take their money.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
