Fishing attacks remain one of the most common cyber threats and are often the beginning of larger campaigns in the supply chain. Recently, Check Point Research (CPR), a division of threat analysis of Check Point® Software Technologies Ltd., published the latest findings on cybercriminals in the second quarter of 2024. This report highlights which companies are most frequently targeted by attackers to deceive users and steal personal information or payment data.
The second quarter of 2024 revealed that Microsoft remains the most impersonated brand, accounting for 57% of all phishing attempts. Apple came in second with 10%, moving up from the fourth position it held in the first quarter of the year. Linkedin maintained its third position with 7% of phishing attacks. Additionally, for the first time since 2022, the TOP-10 list included brands like Adidas, WhatsApp, and Instagram.
The technology sector continues to be the most targeted industry in phishing attacks, followed by social networks and the banking sector. Companies in the technology sector, such as Microsoft, Google, and Amazon, are attractive targets for attackers due to the sensitive data they store and the access they provide to other accounts.
Recommendations for protection
To protect against phishing attacks, it is advised to always verify the sender’s email address, avoid clicking on suspicious links, and enable multi-factor authentication (MFA) on your accounts. Regularly updating security software can also help in identifying and blocking phishing attempts.
TOP-10 brands targeted in phishing attacks in the second quarter of 2024:
- Microsoft (57%)
- Apple (10%)
- Linkedin (7%)
- Google (6%)
- Facebook (1.8%)
- Amazon (1.6%)
- DHL (0.9%)
- Adidas (0.8%)
- WhatsApp (0.8%)
- Instagram (0.7%)
Phishing campaigns under the guise of Adidas
In the second quarter, Check Point Research identified several phishing campaigns