It is no secret that cybercriminals often pretend to be someone they are not to lure out people’s money or valuable information, and what can be better used for this purpose than a well-known and trusted brand?
According to the data presented by the Atlas VPN team, Microsoft and Zoom were the most commonly impersonated companies in the phishing attacks in 2020. In total, 80% of all last year’s brand email phishing campaigns imitated Microsoft or Zoom to scam victims.
Multinational technology company Microsoft was a definite leader over the other brand impersonators. The brand was used in a whopping 28,536 unique phishing attempts accounting for 70% of all last year’s brand phishing campaigns.
However, Zoom, which exploded in popularity amid the pandemic when all the industries turned to remote video communication tools, came in second. It was exploited in 3,803 brand phishing campaigns, which constitute more than 9% of all such attempts.
In the meantime, the third spot in the list is occupied by the world’s largest online retailer Amazon. Amazon’s brand name was taken advantage of in 2,747 or nearly 7% of all phishing campaigns impersonating well-known brands.
In total, over 12% of all last year’s phishing emails used brand impersonation as their tactics.
Technology was the most impersonated industry of 2020
With Microsoft being the most phished brand, it is not surprising that the technology sector dominated phishing emails last year. Companies in the technology sector, such as Microsoft, Netflix, DocuSign, LinkedIn, Apple, Dropbox, and ADP, were exploited in close to 72% of all phishing campaigns that imitated existing brands.
The technology sector is followed by the telecommunication industry. Names of telecommunication industry leaders, such as Zoom, RingCentral, eFax, Xerox, and AT&T, were used in close to 14% of such phishing attempts in 2020.
Meanwhile, companies’ names in the retail industry were utilized in 8.5% of such phishing attempts in 2020. Notable brands include the already mentioned Amazon and CVS, as well as Sam’s Club and Walmart.
Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation: “With the eruption of the global pandemic, most of our lives transferred online, and cybercriminals were quick to take advantage of the situation by launching new scam schemes and phishing attacks. When it comes to the latter, fraudsters favored brands and industries that people were relying on the most during the pandemic.”