Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd. a leading provider of cyber security solutions globally, has published its new Brand Phishing Report for Q4 2019. The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during Q4, which includes the busiest online shopping periods of the year.
In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, redirected during web browsing, or triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.
Top phishing brands in Q4 2019
The top brands are ranked by their overall appearance in brand phishing attempts:
- Facebook (related to 18% of all brand phishing attempts globally)
- Yahoo (10%)
- Netflix (5%)
- PayPal (5%)
- Microsoft (3%)
- Spotify (3%)
- Apple (2%)
- Google (2%)
- Chase (2%)
- Ray-Ban (2%)
Top phishing brands by platform
During Q4 there were significant differences in the brands being used in each phishing vector: for example the focus in the mobile vector was on major technology & social media brands as well as banks, while in the email vector, #2 was part of a shopping phishing campaign before Black Friday in November 2019.
Email (27% of all phishing attacks during Q4)
- Rbs (Ray-Ban Sunglasses)
Web (48% of all phishing attacks in Q4)
Mobile (25% of all phishing attacks in Q4)
- Chase Mobile Banking