Expert Reaction On Microsoft Remained Most-spoofed Brand At End Of 2020

Microsoft ended 2020 as the brand most frequently targeted by cyber criminals, with 43% of all brand phishing attempts related to the tech giant in Q4, according to IT Pro. This was a 24% increase from the third quarter of the year, which saw 19% of all attempts linked to the tech giant. The attempts are from criminals looking to steal personal information or payment credentials by impersonating well-known brands that are likely to be used by the employee and their organisation. Shipping firm DHL was the second most-spoofed brand for the end of 2020, as criminals sought to take advantage of the significantly higher number of shoppers placing their orders online. Many of these attacks involved delivery failure notices, asking the target to pay a nominal fee to arrange a new delivery. Google came 7th on the list with only 2% of all brand-related phishing in its name, while Amazon ended the year in fourth with 5% and LinkedIn was third with 6%.

Experts Comments

January 15, 2021
Jake Moore
Cybersecurity Specialist
ESET

Unfortunately, threat actors continue to hide behind and exploit well-known brand names because it is so highly effective. However, companies that are highly targeted, such as Microsoft and DHL, can offer some reassurance to their customers by adhering to a few basic rules. 

 

While reminding their customers that phishing emails are often inevitable, these organisations must attempt to reduce the number of links in their own, legitimate messages, as this will mean that phishing emails look less

.....Read More

Unfortunately, threat actors continue to hide behind and exploit well-known brand names because it is so highly effective. However, companies that are highly targeted, such as Microsoft and DHL, can offer some reassurance to their customers by adhering to a few basic rules. 

 

While reminding their customers that phishing emails are often inevitable, these organisations must attempt to reduce the number of links in their own, legitimate messages, as this will mean that phishing emails look less authentic.  

 

If links have to be sent within any communications – such as redelivery links – then companies must reduce the amount of personal data required and, at the same time, remind their customers that they will never ask for anything else, especially payment.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.