November 26, 2020

Statistics show that Microsoft is the most impersonated brand in phishing attacks


A few days ago, Check Point released its latest phishing statistics, which cover common phishing methods such as email phishing and phishing websites.

Phishing websites typically impersonate well-known companies, because doing so increases credibility and lowers the user's vigilance.

Brands that hackers often use for phishing include Microsoft, Google, Facebook, Apple, Netflix, and some logistics companies.

The statistics show that phishing activity impersonating Microsoft surged in Q3 2020. Among the brands in the statistics, phishing that impersonated Microsoft accounted for 19%.


“Phishing warning” by Christiaan Colen is licensed under CC BY-SA 2.0

DHL and Google each accounted for 9%, PayPal and Netflix for 6% each, Facebook and Apple for 5% each, and Amazon for 4%.

Why has there been a surge in phishing activity posing as Microsoft? Unexpectedly, this is also related to the new coronavirus epidemic.

Many companies have chosen Microsoft 365 services so that employees can work remotely from home, and these phishing campaigns pose as Microsoft to try to obtain corporate employees' login credentials.

Generally, hackers pretend to be corporate administrators in emails and ask employees to click a link for so-called security authentication; the linked phishing website is modeled after Microsoft's.

When employees trust such emails and phishing websites and enter their account passwords, the hackers immediately receive them and penetrate the enterprise to launch attacks.

In a sense, it is difficult for many corporate employees to recognize phishing websites and phishing emails.

Microsoft recommends that users enable multi-factor authentication. Enterprise administrators can configure multi-factor authentication so that it is enforced, after which employees must complete additional verification when they log in.

For example, a dynamic verification code, a dynamic verification request, or authentication through another method is generated through the Microsoft Identity Verifier, so that even if the password is leaked, there is no fear of hacker attacks.

Microsoft also reminds users to be vigilant when they receive emails claiming to be from Microsoft or Google, and especially to think twice before clicking on any web links.