International. It's no secret that cybercriminals often pretend to be someone they aren't to attract money or valuable information from people, and what can be better used for this purpose than a well-known and trusted brand?
According to data presented by the Atlas VPN team, Microsoft and Zoom were the most commonly impersonated companies in phishing attacks in 2020. In total, 80% of all branded email phishing campaigns last year mimicked Microsoft or Zoom scam victims.
The numbers are based on data collected by INKY, which recorded 591,293 brand spoofing phishing campaigns in 2020, of which 40,906 were unique. A single campaign is defined as belonging to the same sender domain and authentication source and having roughly the exact text, links, and attachments. It means that a single campaign can represent hundreds or even thousands of emails sent by cybercriminals.
The multinational technology company Microsoft was a definitive leader over the other brand imitators. The brand was used in a whopping 28,536 unique phishing attempts representing 70% of all branded phishing campaigns last year.
However, Zoom, which exploded in popularity amid the pandemic when all industries turned to remote video communication tools, came in second. It was exploited in 3,803 branded phishing campaigns, constituting more than 9% of all these attempts.
Third on the list is occupied by the world's largest online retailer, Amazon. The Amazon brand was used in 2,747 or nearly 7% of all phishing campaigns that posed as well-known brands.
Next up is the American national bank Chase Bank. The financial institution's name was leveraged in 960 campaigns, accounting for more than 2% of last year's branded phishing attempts.
Chase Bank is closely followed by RingCentral, a provider of cloud-based phone systems. The RingCentral name was used in 807 or nearly 2% of 2020 brand spoofing campaigns.
Other brands that made it into the top ten include Internet fax service provider eFax, financial software provider Intuit, American healthcare company CVS, multinational financial services corporation American Express, as well as streaming platform and production company Netflix. Each of the company names mentioned was abused in about 1% of all branded phishing email campaigns last year.
In total, more than 12% of all phishing emails last year used brand spoofing as a tactic.
Technology was the most imitated industry of 2020
With the outbreak of the global pandemic, most of our lives were transferred online, and cybercriminals quickly took advantage of the situation by launching new scam schemes and phishing attacks. When it comes to the latter, scammers favored the brands and industries that people trusted the most during the pandemic.
Given that Microsoft is the most impersonated brand, it's not surprising that the tech sector dominated phishing emails last year. Tech companies such as Microsoft, Netflix, DocuSign, LinkedIn, Apple, Dropbox and ADP were used in about 72% of all phishing campaigns that mimicked existing brands.
The technology sector is followed by the telecommunications industry. Names of telecom industry leaders such as Zoom, RingCentral, eFax, Xerox, and AT&T took advantage of 14% of such phishing attempts in 2020.
Meanwhile, company names in the retail industry were used in 8.5% of such phishing attempts in 2020. Notable brands include the aforementioned Amazon and CVS, as well as Sam's Club and Walmart.
Finance was another sector favored by phishers. It was exploited in about 6% of all branded phishing attempts in 2020. Financial institutions such as Chase Bank, Intuit, American Express, PayPal, Citibank and Bank of America were among the favorites of criminals.
Finally, brands in the logistics sector, such as USPS, DHL and FedEx, were also abused. However, phishing campaigns posing as logistics companies accounted for less than 1% of all branded phishing attempts last year.
Source: AtlasVPN.
