A new report by global cybersecurity company Vade has revealed the top 10 most impersonated brands in phishing attacks during the first half of 2023. Facebook emerged as the most impersonated brand, followed closely by Microsoft. The report provides insights into phishing and malware trends in the first two quarters of the year.
Facebook and Microsoft continued to dominate as the most spoofed brands, collectively accounting for a significant portion of all phishing URLs. Facebook claimed 18% of all phishing URLs, while Microsoft accounted for 15%. In the second quarter, Microsoft surpassed Facebook due to a 22% quarter-on-quarter increase in spoofing attempts. These two tech giants together had more unique phishing URLs than the next five brands combined, which included Crédit Agricole, SoftBank, Orange, PayPal, and Apple.
The financial services sector remained the most impersonated industry throughout the first half of the year. In particular, SoftBank and Crédit Agricole experienced significant increases in phishing attempts. SoftBank, a Japan-based company, became the third most impersonated brand, with a mind-boggling 1500% quarter-on-quarter increase, resulting in 4591 unique phishing URLs. Crédit Agricole, a France-based bank, secured the third spot in the rankings, with quarter-on-quarter increases of 170% and 61% in the first and second quarters, respectively. Moreover, First Citizens Bank in the US encountered a 4000% increase in unique phishing URLs between Q1 and Q2.
The Phishing and Malware report also highlights the prominence of the financial services industry in phishing attacks, with over 33% of all phishing URLs targeting this sector. The social media and cloud industries followed closely, accounting for 22% and 21% of phishing URLs, respectively.
Both Microsoft and Google, known for their popular productivity suites, faced phishing attacks during the first half of 2023. Vade uncovered two attacks targeting Microsoft 365 users and two attacks exploiting Google services, including YouTube and Google Translate.
The report reveals other notable findings, including an increase in financial services brands among the top 25 most impersonated brands in the past three years, a slight increase in malware volumes from H2 2022 to H1 2023, the highest volume of phishing emails in January, and Facebook’s domination in the social media sector with 85% of its phishing URLs.
Vade is a fast-growing cybersecurity company that focuses on securing human collaboration by utilizing AI and human-powered detection and response. The company offers products and solutions that protect consumers, businesses, and organizations from various email-borne cyberattacks, including malware/ransomware, spear-phishing/business email compromise, and phishing. With a growing network of MSP and MSSP partners, along with distribution agreements worldwide, Vade aims to enhance cybersecurity and maximize IT efficiency for its clients.
For more information, the full H1 2023 Phishing and Malware Report can be accessed on Vade’s official website.