The job site and professional social network LinkedIn accounted for more than half of all brand phishing attacks during the first quarter of this year.
According to Check Point Research (CPR), this is the first time that LinkedIn has taken the top spot in its 2022 Q1 Brand Phishing Report. The professional social network was impersonated in 52 percent of all phishing attacks globally during Q1 which marks a dramatic, 44 percent increase from the previous quarter.
At the same time, CPR’s new report shows that cybercriminals now prefer to leverage social networks over shipping companies and tech giants including Google, Microsoft and Apple.
As for the rest of the companies whose brands are frequently used in phishing attempts, global shipping company DHL took the second spot at 14 percent, followed by Google (7%), Microsoft (7%) and FedEx (6%). Besides these companies, Amazon, Maersk, AliExpress, Apple and WhatsApp rounded out CPR’s top 10 list with Meta-owned WhatsApp accounting for almost 1 in 20 phishing-related attacks worldwide.
Brand phishing attacks
For those unfamiliar, in a brand phishing attack, cybercriminals attempt to imitate the official website of a well-known company by using a similar domain name and webpage design.
From here, links to fake websites are sent to targeted individuals by email or text message. These fake websites also often contain a form intended to steal user credentials, payment details or other personal information.
Data research group manager at Check Point Software, Omer Dembinsky explained in a blog post how the cybercriminals behind brand phishing attacks will also try to deploy malware on company networks in addition to stealing sensitive personal and business information, saying:
“These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible. Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake emails containing spoof carrier documents that we’re seeing with the likes of Maersk. If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest.”
In order to avoid falling victim to brand phishing attacks, CPR recommends that users remain cautious when divulging personal data and credentials to business applications or websites, think twice before opening email attachments or links, look for misspellings in emails and the domains used by websites and beware of urgent requests such as "change your password now".
