IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft remains the most-spoofed brand for the second quarter in a row

Malicious use of the tech giant's brand increased by 24% in the last quarter of 2020, according to Check Point

A sign in page for a Microsoft service

Microsoft ended 2020 as the brand most frequently targeted by cyber criminals, with 43% of all brand phishing attempts related to the tech giant in Q4.

This was a 24% increase from the third quarter of the year, which saw 19% of all attempts linked to the tech giant, according to Check Point research.

The attempts are from criminals looking to steal personal information or payment credentials by impersonating well-known brands that are likely to be used by the employee and their organisation.

The technology industry was the most likely to be targeted by 'brand phishing', according to Check Point, closely followed by retail and shipping. Across October, November and, December, Microsoft was the brand most often imitated by hackers.

An example of a phishing scam using Microsoft

"Criminals increased their attempts in Q4 2020 to steal peoples personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success," said Maya Horowitz, director, threat intelligence and research, products at Check Point.

"As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to from companies, such as Microsoft or Google, that are most likely to be impersonated."

Shipping firm DHL was the second most-spoofed brand for the end of 2020, as criminals sought to take advantage of the significantly higher number of shoppers placing their orders online. Many of these attacks involved delivery failure notices, asking the target to pay a nominal fee to arrange a new delivery.

An example of a phishing scam using the DHL website

Google actually came 7th on the list with only 2% of all brand-related phishing in its name. Amazon ended the year in fourth with 5% while LinkedIn, a Microsoft-owned platform, was third with 6%.

IT Pro has approached Microsoft as the findings will be of huge concern to the tech giant, especially as phishing attempts in its name have doubled over a sixth month period.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
X-rated phishing attacks just keep growing
phishing

X-rated phishing attacks just keep growing

4 Jun 2021

Most Popular

Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022
Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022