Amazon was the most impersonated brand in email phishing attacks in 2021, according to a report from AtlasVPN. In 2018, 17.7 percent of brand phishing emails impersonated Amazon, while 16.5 percent impersonated the global logistics company DHL and 12.7 percent impersonated the eSign software company DocuSign.
Community payments platform PayPal came in fourth as its services were used in more than five percent of brand impersonation scams. Google (3%), LinkedIn (3.5%), Microsoft (3%), the web hosting provider 1&1 (2.5%) and British telecom O2 (2.3%) also made the list.
Malicious actors impersonating brands cast a net far and wide in the hope of catching victims with a believable narrative that allows quick and simple manipulation. Phishing attacks will always continue to follow brands that are well known as they often come with a higher chance of the victim owning one of the chosen accounts. Worldwide brands will also be more successful, as they let attackers cross borders with the same phishing campaigns.
Stealing data remains big business but it is important that people remain on alert for suspicious emails, making sure to analyse any branded email for spelling mistakes and double checking the sender address before taking any action.