Check Point Research (CPR) has published new research into the biggest phishing scams in the second quarter of 2024.
According to CPR’s ranking, Microsoft is the most impersonated company, appearing in a whopping 57% of posts, while Apple comes in second with 10%.
There were also several newcomers to the top 10 list, with Instagram, WhatsApp and Adidas accounting for a combined 2.3% of threats.
Growing threats
The technology sector is still the most imitated sector. Major service providers are a popular target because they often store sensitive information such as financial information and personal data.
When cybercriminals impersonate Microsoft, they will typically create a threat for your device that requires you to download fraud protection software and ask you to follow a link or attachment. Fraudulent emails also frequently contain “Message Failure Delivery” notifications, which try to trick users into following a link to a website that closely resembles the Outlook login page, and trick them into giving up their login credentials.
Apple impersonators also often claim that a user’s Apple ID has been blocked or hacked. They then encourage users to click on their own link to log in to a fake login page.
Retail phishing scams often masquerade as fraudulent, branded purchasing sites that aim to trick users into entering their payment information.
Stay alert
Phishing attacks are designed to panic users and get them to follow instructions as quickly as possible, leading them to a fraudulent site to enter their account details.
“Phishing attacks remain one of the most widespread cyber threats and often form the starting point for much larger-scale campaigns throughout a supply chain,” warned Omer Dembinsky, Data Group Manager at Check Point Software.
Dembinsky advises users to always avoid clicking on unsolicited links, to thoroughly verify email addresses and to use Multi Factor Authentication. If you believe you have been sent a phishing scam, UK users can report it to the police via Action Fraud on report@phishing.gov.uk.
If you think you have been a victim of fraud, it is important to act quickly. Contact your bank and start an investigation into suspicious activity.