Hackers majorly use Microsoft and DHL brands in phishing attacks

Microsoft and DHL in phishing attacks

Hackers majorly use the Microsoft and DHL brands in phishing attacks. In Q4 2020, cybercriminals used more brands from the tech industry, followed by shipping and retail businesses.

Information security researchers from the Check Point Software team said that phishers love the Microsoft brand. 43% of all attempts at phishing attacks were associated with it – attackers tried to influence people working remotely during the second wave of the pandemic.

Top brands most frequently used in phishing attacks:

  1. Microsoft (43% of all phishing attacks attempts with the use of brand names worldwide)
  2. DHL (18%)
  3. LinkedIn (6%)
  4. Amazon (5%)
  5. Rakuten (4%)
  6. IKEA (3%)
  7. Google (2%)
  8. Paypal (2%)
  9. Chase (2%)
  10. Yahoo (1%)

How a brand-based phishing attack works

In a phishing attack that is using brands, criminals try to imitate the official website of a well-known company using a domain name, URL and design similar to the original website.

Victims can receive a link to the fake page via email or SMS. They can also be redirected to a phishing site while browsing the web or from a malicious mobile application. Fake sites often contain a form designed to steal credentials, billing information or other personal information.

In Q4 2020, cybercriminals stepped up their attempts to steal people’s personal data, posing as well-known brands. Our data shows how they change their attack tactics to achieve maximum results. As always, we urge users to be extremely careful when entering sensitive data into business applications. Think twice before opening email attachments and following links. Be especially careful if you see emails that claim to be from Microsoft or Google. With a high degree of probability, these letters may also be from cybercriminals.says Check Point Software Technologies representative.

Examples of phishing attacks using brands:

A phishing email allegedly from DHL – an example of password theft

In November, Check Point researchers noticed a malicious phishing email that used the DHL trademark. Then the attackers tried to steal user passwords. The email that came from a fake email address [email protected] contained the following text:

“RE: Your DHL Parcel (available to receive) – []”. Cybercriminals tried to trick the victim into clicking a malicious link that redirected to a fake login page. There, the user had to enter his password, which would then be sent to the attackers’ site.

Microsoft and DHL in phishing attacks

Phishing email allegedly from Microsoft – an example of credential theft.

In December, Check Point researchers discovered a malicious phishing email that attempted to steal user credentials from a Microsoft Office 365 account. In the subject of the email was indicated: “Daily Document Delivery # – “, and the content that mimicked eFax. After the user clicked on the link, he was lead to another document that redirected the user to a fake Microsoft login page.

Microsoft and DHL in phishing attacks

Let me remind you that I talked about cybercriminals that started using Google services more often in phishing campaigns.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *