Apple is the most imitated brand for phishing attempts, says Check Point Research. The Q1 2020 Brand Phishing report shows that Apple jumped from seventh place to the top of the rankings. In a brand phishing attack, criminals try to imitate the official website of a popular brand. They do so by using a similar domain name and by copying the web page design. The report notes that 10 percent of all brand phishing attempts were related to Apple.
The iPhone maker was also the most frequently targeted brand by cybercriminals. In comparison, only 2 percent of all brand phishing attempts were related to Apple during Q4 2019. Netflix took the second spot with 9 percent of all phishing attempts during the first quarter of this year. The report also notes that 59 percent of these phishing attacks were on the web while 23 percent were on mobile. The remaining 18 percent of the phishing attacks happened over email.
Web phishing remains the most common attack vector compared to the fourth quarter of last year. The change in behavior of the attacker is due to the spread of COVID-19 pandemic. The report by Check Point Security notes that cybercriminals are taking advantage of the situation. Apple was targeted the most via phishing attacks happening on the web. It was followed by Netflix, PayPal and eBay.
“Phishing will continue to be a growing threat in the coming months, especially as criminals continue to exploit the fears and needs of people using essential services from their homes. As always, we encourage users to be vigilant and cautious when divulging personal data,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point.
On mobile, Netflix took the top spot but it was followed by Apple, WhatsApp and Chase. When it comes to email, Yahoo took the top spot. It was followed by Microsoft, Outlook and Amazon. The report also notes that Chase Bank brand was the third most targeted brand with threat increasing from 3 percent to 5 percent. Technology, Banking and Media were the industries most affected by this phishing attack. From Netflix fraudulent domain names to Chase login page designed to credentials theft, the examples are a plenty.