phishing

It’s estimated that phishing is the starting point of over 90% of all attempted cyber-attacks, and Verizon’s 2019 Data Breach Investigations Report reflects that nearly one-third (32%) of actual data breaches involved phishing activity. What’s more shocking is that phishing was present in 78% of cyber-espionage incidents and the installation and use of backdoors to networks. 

Phishing and cyber-attacks are a reality and happen because most people make mistakes either because they are in a rush and their defences are lowered, or because they were too smart to fall for a phishing attempt (a recent study showed how we often fail to recognize risk in assessing our own actions, while spotting risk easier when assessing other people’s behavior). However, it is important to note that no one is immune especially when the criminals behind attacks impersonate familiar, trusted brands that we often interact with. 

‘Brand phishing’ involves the attacker imitating an official website of a known brand by using a similar domain or URL, and usually a web page similar to the original website. The link to the deceptive website can be sent via email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. In many cases the website contains a form intended to steal credentials, personal information or payments.

Google and Amazon lead, Apple falls

Check Point Research’s latest Brand Phishing Report for Q2 2020 shows that Google and Amazon were the most imitated brands in phishing attempts, while Apple (the leading phishing brand in Q1) fell to 7th place from the top spot in Q1.  The total number of Brand Phishing detections remains stable compared to Q1 2020.

Email phishing exploits were the second most common type after web-based exploits, compared to Q1 where email was third. The reason for this change may be the easing of global Covid-19 related restrictions, which have seen businesses re-opening and employees returning to work. 

For more detail on brand phishing statistics for Q2 2020 and examples of phishing campaigns which aimed to generate direct profit by impersonating Apple iCloud and PayPal visit: https://enterprise.verizon.com/resources/reports/dbir/

Total page visits: 692 Page visits today: 3 Total site visits: 216728
error: Content is protected