The 3rd quarter of 2020 has revealed that industry giant Microsoft is the most imitated presence by hackers to lure users out of personal data and payment credentials, according to cyber security behavior analytics.
With a larger number of employees still working remotely, cyber criminals have found a feeding ground to capitalise on vulnerabilities with Microsoft appearing in 19% of all brand phishing attempts around the world.
In the brand phishing attack, these criminals imitate microsoft’s official website with a similar domain name or URL complete with web page design mimicking the real site.
By targeting the individuals through email or test message, users are redirected to the phony site during web browsing or triggered from fraudulent applications. The mimicked site contains a form intent on stealing user’s credentials as well as payment details.
This development has raised Microsoft to top place for brand phishing attacks for Q3.
Although Microsoft sits atop of the most compromised attacks for Q3 it does not sit alone, with giants DHL, Paypal, Google, Facebook, Netflix, WhatsApp, Apple, Instagram and Amazon all on the list also.
DHL are a new entry in the top rankings trailing only Microsoft with 9% of all phishing attempts this quarter. With remote working being the focal point of hackers, companies around the world have had to adopt the policy of their workforce having to work from their homebase for possibly the first time.
This opens up the floodgates for hackers to target individuals at home who matt not have the correct security measures in place to handle a cyber attack, leaving their companies vulnerable to data theft and phishing.
By being able to hone in on unprecedented opportunity to access company data away from the main company servers, hackers are able to structure an imitation of sites such as Microsoft and the unsuspecting workers unable to comprehend this level of attack.
It is suspected that this new surge in phishing will continue and evolve from this point, to where industry giants will have to step ahead on an already smart cybercriminal force and implement new measures in security. The extra security and care of workers in receiving any emails in regards to their company accounts is of paramount importance.
Q3 saw a dramatic rise in brand phishing to become the most prominent form of hacking activity with 44% of accounted attacks being identified as such, followed by web phishing at 43%. The top brands currently targeted are Microsoft, DHL and Apple.