Byte-size Bulletins

80% of phishing attacks in 2020 impersonated Microsoft and Zoom

Written by Rachael Brown | Aug 10, 2021
 
 
Big name brands are often impersonated in phishing attempts. They wield an air of authority, garnering our trust. We see their names and logos everywhere, making them a familiar part of everyday life. 
 
All this means if you get an email from one of these companies, you're likely to open it. You're likely to read it.
 
You're likely to trust it
 
Meaning the use of these big name brands in phishing attacks, is truly a no-brainer. Which is why last year, over 12% of all last year's phishing emails used brand impersonation tactics.

But can you guess which brands were the most impersonated of 2020? 

Here's the top five, courtesy of Atlas VPN. 
 
1. Microsoft. The brand this year was used in a shocking  28,536 unique phishing attempts accounting for 70% of all last year's brand phishing campaigns. Unsurprising considering our rapid move to Teams during the pandemic. 
 
2. Zoom. The brand was exploited in 3,803 brand phishing campaigns, which constitute more than 9% of all such attempts.
 
3. Amazon. Jeff Bezos's gargantuan online retailer rockets into third place, with the brand name being used in 2,747 or nearly 7% of all phishing campaigns impersonating well-known brands.
 
4. Chase Bank. The financial institution's name was taken advantage of in 960 campaigns, which make up over 2% of last year's brand phishing attempts.
 
5. RingCentral. A cloud-based phone system provider, RingCentral's name was utilised in 807 or nearly 2% of brand impersonation phishing campaigns of 2020.
 
Other brand names that were heavily impersonated in 2020 include American Express, financial software provider Intuit and Netflix. All of which were exploited in around  1% of all brand phishing email campaigns last year.

With the eruption of the global pandemic, most of our lives transferred online, and cybercriminals were quick to take advantage of the situation by launching new scams and phishing attacks.
 
When it comes to the latter, fraudsters favoured brands and industries that people relied on the most during the pandemic. This is why technology companies dominated 2020 phishing attempts.
 
From Apple to DocuSign to LinkedIn to Microsoft, technology companies were used in 72% of all phishing campaigns that imitated existing brands.

The conclusion to draw from this?
 
If your business utilises the software of any of these major companies, you could fall foul of a phishing attack. Stay informed with cyber security news, keep a security-first mindset, and strive to safeguard your employees and systems against forms of social engineering like phishing. 
 
Photo by Sammy Williams on Unsplash