When launching their cybetting campaigns, it is quite common for criminals to go through important companies with which the user has hired some service. As has happened regularly in recent years, Microsoft continues to be the most supplanted brand to carry out ‘phishing’ type cyber attacks, in which criminals try to deceive their victims through email to steal data and money.
Specifically, the American technology was supplanted in 32 percent of all scam attempts in the fourth quarter of 2024, followed by Apple and Google with 12 percent, and LinkedIn with 11 percent.
The Threat Intelligence Division of the Czegurity Company Check Point has published the results of its Brand Phishing Report report, which highlights the most supplanted brands by cybercriminals during the fourth quarter of 2024, in their attempts to steal personal or credential information of payment through ‘phishing’ attacks.
That is, a type of social engineering fraud with which malicious actors send emails that supplant the identity of public companies or organizations. By impersonating these companies, they deceive users requesting personal information to, for example, access their banking data.
In this regard, from Check Point they have confirmed that Microsoft has remained the most used brand in the ‘phishing’ scam attempts at the global level, with 32% of the total ‘phishing’ records identified during the fourth quarter of 2024, however, has registered 1% less impersonations as in the same period of 2023.
The second most impersonated brands have been Google and Apple, other usual of these rankings. Each of them has been used by criminals in 12% of registered impersonations. In the case of the bite apple brand, it has also maintained its position with respect to the data registered in 2023, however it has experienced a growth of 3%.
The LinkedIn platform has re -entered the list of the most supplanted brands in ‘phishing’ (11%) and, somewhat further away, they have also identified impersonations of electronic commerce brands such as Alibaba (4%) and Amazon (2 %), and social networks such as WhatsApp (2%), Twitter (2%), Facebook (2%). All of them are common from these rankings. The adobe brand (1%) has also been found.
These results highlight how the technological sector has been the most supplanted at the end of last year, followed by social networks and retail trade.
Nike and Adidas
In addition to this list of the ten most impersonated brands, the cybersecurity company has also indicated that, coinciding with the Christmas season, several phishing campaigns related to well -known clothing brands were identified. Specifically, these campaigns were aimed at ‘online’ buyers, and they imitated brands such as Nike, Adidas, Lululemon, Hugo Boss, Guess and Ralph Lauren.
As detailed, web domains have been found to deceive users making them believe that they were official platforms of the aforementioned brands. In the case of Nike, false domains were used and the same has happened in the case of Adidas.
Paypal and Facebook
Following this line, Check Point has also shared other examples of supplantation recently identified, which shows the effectiveness of these ‘phishing’ attacks, as is the case of Paypal and Facebook.
As explained by the company, in the identified case of PayPal, the malicious actors have created a malicious web page that operated under the domain ‘Wallet-Paypal[.]Com
However, once users enter their data to log in to the false website, cybercounts take the opportunity to steal their personal and financial information.
In the same way, cybersecurity experts have recently identified a case of Facebook impersonation. This is the fraudulent ‘svfacebook website[.]Click ‘, which mimics the login page of the goal social network.
Thus, the web asked the victims to introduce personal information, specifically, their login credentials, with their email and password, to steal such data. However, domain is no longer active.
With all this, Check Point Software technical director for Spain and Portugal, Eusebio Nieva, has stated that the persistence of ‘phishing’ attacks that use known brands to deceive users “underlines the importance of education and measures advanced security ».
In this framework, Nieva recommends verifying email sources, avoiding unknown links and enabling multifactor authentication (MFA). “They are crucial steps to protect the personal and financial data of these threats constantly evolving,” he said.
#Microsoft #Apple #brands #supplanting #steal
