Facebook is now the most impersonated brand, accounting for 14% of phishing pages. It is closely followed by Microsoft, Credit Agricole, WhatsApp, and La Banque Postale.
A new study examined around 185,000 phishing websites in 2021 and identified the top 20 most counterfeited firms, according to cybersecurity firm Vade.
In 2021, financial services were the most imitated sector, with 35% of phishing sites (24% compared to 2020). Scammers like to target Credit Agricole, La Banque Postale, Chase, PayPal, Wells Fargo, and MTB.
Vade claims that the COVID-19’s influence on the global economy has aided in the rise of financial services phishing.
“At the beginning of the crisis, businesses and citizens around the world took advantage of government-backed business loans and payment deferrals or “holidays” from consumer banks and credit unions. Crédit Agricole processed 211,000 applications for small to midsized business and small business and corporate loans, totaling €315 billion,” according to Vade.
The second most imitated sector, accounting for 24% of phishing sites, is social media. Facebook is a popular target for hackers looking to reach a larger audience because it has 2.8 billion users and numerous social enterprises under its corporate parent Meta.
“Additionally, 2021 saw a string of high-profile ups and downs for Facebook, from its starring role in politically charged arguments about freedom of speech to Facebook’s rebranding to Meta to its ongoing fight against misinformation. Cybercriminals are opportunists, and they have a strong preference for attacking brands during periods when the brand is top of mind with end-users,” Vade said.
Phishing sites may include a variety of elements that are designed to trick users into believing they are on a legitimate website. The most common goal is to elicit personally identifiable information, such as an email address or password. Attackers use this data to access other online accounts, launch identity theft attacks against the victim’s real identity and financial information, commit fraud
Microsoft is the second most imitated brand in phishing assaults and the first most imitated cloud brand, representing 13% of all attempted phishing attacks.
“From sporting events to holidays, to elections, current events capture the attention of users around the world. They present a prime opportunity for phishers to attack a wide pool of victims for whom the events are top of mind and are likely to respond to emails containing keywords and images associated with the event,” Vade stated.
We can anticipate attempts to steal credentials and money by leveraging the Ukraine conflict as a pretext. Countries have already discovered fraudulent websites purported to raise money for Ukraine that were actually set up to obtain funds.