Cybercriminals are always trying to profit from their attacks, one of the most popular today is phishing. Recently, a report found that phishing attacks are targeting Microsoft as the favorite company to carry them out. The report we are talking about is from the security company CheckPoint Security . In it, it is clear that Microsoft was the brand most supplanted by the attackers. Its objectives are basically two, the first of them to steal the credentials of the accounts to be able to take possession of them, the second objective is to obtain information on the payment methods of the victims. Today in this article we are going to talk about these phishing attacks that affect Microsoft the most.
Cybercriminals are becoming more resourceful when it comes to carrying out their attacks. We recently learned how a security awareness email was actually a phishing attack. These phishing attacks target Microsoft. If we clicked on the link in the conscience e-mail, we were directed to a Russian URL. There it asked us to log in with our Outlook username and password to start the supposed training course.
If you want more information about that awareness email that was really a phishing fraud, click here .
Check Point’s report on brand identity theft
In case you don’t know, Check Point is a security company specialized in networks. Its products are oriented to the security of our networks, clouds and mobiles, seeking their protection. The brand identity theft report for the third quarter of 2020, revealed the brands that criminals used most frequently Microsoft, of course, their intentions were to steal personal information or payment credentials from their victims.
Another noteworthy fact is that the industry most likely to suffer a brand phishing attack were technology companies, then banking companies, and then social media companies. We must also highlight the changes caused by the coronavirus pandemic, in which the ways of doing things have changed. Now we are learning to properly use remote work technology, the use of online banking and also social networks. Phishing attacks target them.
Microsoft at the forefront of brand phishing attacks
According to the Checkpoint report in the third quarter 2020 Microsoft has been the brand most attacked by cybercriminals . In this sense, it should be noted that, in the second quarter , it ranked fifth with 7% of all brand phishing attempts worldwide. As can be seen in this short period of time, things have changed a lot.
Thus, during the third quarter of 2020 we can point out that 19% of phishing attacks had this technology and software giant as their main element. In addition, it should be noted that they sought to make these attacks profitable because many people continued to telecommute as a result of Covid-19. As for email phishing, it was 44% , and affected by this order: Microsoft, DHL and Apple. Check Point investigators witnessed a fraudulent phishing email that attempted to steal Microsoft account credentials. The attacker was trying to trick the user into clicking on a link that would redirect the victim to a fake Microsoft login page.
Regarding web phishing, it was 43% and the most affected was Microsoft, then Google and thirdly PayPal. Finally, the remaining 12% of all phishing attacks during the third quarter of 2020 corresponded to the mobile sector. Here it no longer seems Microsoft, and has been replaced by companies such as WhatsApp, PayPal and Facebook.
Other companies affected by phishing attacks
As we have already discussed, phishing attacks are focused on Microsoft at 19% , but there are other large companies with also significant percentages. Others are DHL with 9% , Google with 9% , PayPal with 6%, Netflix with 6%, Facebook with 5%, Apple with 5%, WhatsApp with 5%, Amazon with 4% and Instagram with 4%. We’re going to end up with a malicious phishing email, supposedly sent by Amazon, in order to steal the victim’s financial information.
The email commented that the Amazon account was disabled due to too many login failures. It then pointed the victim to a fake Amazon billing center website to enter billing information. In this article we recommend reading this article that explains how to protect ourselves from phishing attacks .