Microsoft was the most impersonated brand in phishing attacks in 2021
Phishing actors frequently impersonate well-known brands, taking advantage of consumer trends to scam unsuspecting customers. Productivity tools, illegal streaming sites, retail sites, social media, finance, and many other services are often imitated brands.
According to the recent findings by the Atlas VPN team, Microsoft and illegal streaming sites were the most impersonated brands in phishing attacks in 2021. Furthermore, the retail and government sectors experienced the most significant growth in phishing attacks last year.
The data is based on the 2022 ThreatLabz Phishing Report from Zscaler. The research looks at a year’s worth of global phishing data from the Zscaler cloud to identify critical trends, industries, geographies at risk, and emerging tactics.
Cybercriminals impersonated Microsoft product pages in 36.6% of phishing attacks in 2021. Besides Microsoft login websites, other products include OneDrive and 365 Office. Microsoft has a wide range of products used by millions of users globally who could become potential victims of a phishing attack.
Threat actors imitated illegal streaming websites in 13.6% of phishing attacks. Usage of illegal streaming sites increased due to the pandemic, as people were left in their homes with nothing to do. Illegal streaming websites are generally dodgy, as they do not have decent security. However, when cybercriminals put their hands on them, it is a disaster waiting to happen.
COVID-19-themed phishing attacks accounted for 7.2% of social engineering scams. COVID-related phishing websites can be exceptionally deceptive to internet users as they are relatively new. Most people do not know the differences between legit and phishing websites, meaning that threat actors can use newly registered domains without causing concern.
Cybercriminals impersonated Telegram in 6.5% of phishing attacks. At the same time, Amazon-related phishing attacks accounted for 5.8% of social engineering attacks. Other notable brands such as PayPal, Binance, Google, and Facebook were imitated by threat actors in less than 3% of attacks.
Phishing targets retail businesses and government
Threat actors launch phishing attacks on industries that hold large amounts of sensitive customer information. By employing social engineering mechanics in the attacks, cybercriminals send out emails and create fake websites looking for possible victims.
The retail and wholesale industry suffered 436% more phishing attacks in 2021 than in 2020. Threat actors capitalized on the pandemic when people started shopping online more often. When phishing attacks target retailers, the actual losses are consumer trust and brand reputation.
Phishing attacks on the government sector increased by 110% in 2021. State-sponsored threat actors usually perform cyberattacks against the government. By targeting foreign affairs or defense ministries, cybercriminals are trying to steal classified information or get access to the network to launch more malicious attacks.
The finance and insurance industry experienced a 101% jump in phishing attacks in 2021. Phishing attacks on education organizations rose by 32% in 2021 compared to 2020. At the same time, the manufacturing industry suffered 6% more social engineering attacks.
On the other hand, a couple of industries experienced some relief from phishing attacks in 2021. Cybercriminals targeted the technology and communication industry 15% less than in 2020. Phishing attacks on the services industry fell by 33%. Finally, the phishing rate in the healthcare industry dropped by 59%.
Phishing attacks require the user to recognize and evaluate the potential danger. However, people are prone to making mistakes, and a well social engineered attack could trick almost anyone. Therefore, being aware of how phishing attacks work is essential when mitigating threat risks.