Back on the Beaten Path – Phishers Return to Impersonating Famous Brands as COVID Ends, Bitdefender Reveals
Phishing remains a leading attack vector in social engineering scams targeting consumers worldwide. With the hype around COVID drawing to a close in 2022, scammers are less focused on impersonating pharma and .gov entities. Instead, they’re back on the beaten path, returning to tried-and-tested avenues, spoofing major brands and industries that consumers use every day.
In the six months from May to October this year, data from Bitdefender’s Antispam Lab reveals that threat actors have rejuvenated their spam and phishing campaigns, impersonating dozens of international brands. Here, we cut the list to a manageable top 15:
Amazon & DHL
Likely the most consistently phished brands over the years, Amazon and DHL took the top two spots across the six-month period. Overall, Amazon-themed scams took the top spot, with a 43.79% share. DHL campaigns made second place, with 23.11%.
In May, a quarter of all phishing campaigns caught in Bitdefender’s global net were DHL-themed, with scammers spoofing the German company’s logistics, courier, package delivery and express mail services.
Amazon’s e-commerce, cloud computing, online advertising and digital streaming services were impersonated 27% of the time. Between the two of them, DHL and Amazon accounted for more than half of all phishing attacks targeting consumers in May.
While DHL followed a similar path throughout the six months, Amazon-themed campaigns nearly doubled in the Jun-Oct time-frame, peaking in October with a 56.8% share.
Scammers are back to pumping resources into spoofing the products and services of household tech companies – especially their support platforms – using spray and pray techniques to get consumers to divulge their personal data, passwords and even financial information.
As a standalone brand name, Microsoft comes third overall on our list, with a 13% share. The figure is higher if we factor in the 2.2% additional scams impersonating the Microsoft-owned collaborative platform Sharepoint – often through business email compromise (BEC) attacks.
Internet behemoth Google sits in the seventh position on our list, with a rather small 1.3%share. Google-themed scams spoof the web giant’s vast array of services, most often seen by our engines as targeted attacks impersonating Gmail, Google Drive and YouTube. Spam campaigns leveraging Google as a brand often use actual Gmail addresses to avoid detection by security solutions, often delivering tainted Google Docs and redirecting links.
Apple impersonation takes the 10th spot on our list. While 0.7% is not a huge share, the figure corresponds to a plurality of daily phishing attacks targeting Apple users with scary messages claiming to come from Apple Support, fake iCloud receipts, or fake deals advertising Apple gear. The numbers are likely much higher, considering that not everyone has a security solution installed to detect and log these attacks. In fact, many people don’t even use one.
Once the go-to brand impersonated to deliver fake, malware-laced Flash downloads, Adobe is now a mere blip on the radar. Yet scammers still leverage its legacy to target unsuspecting victims.
Emails purporting to come from Adobe often encourage the victim to interact with the tainted contents of the message, whether it’s a link to a spoofed Adobe site designed to harvest the user’s data, an infected file download or an Adobe eSign request.
Adobe-themed scams make up a relatively small 0.38%of all email-borne scams tracked over the six months.
Considering Facebook’s influential presence on the web, the platform’s impersonation rate is surprisingly small – at least compared to other brands – amassing just 0.17%. But in that apparently diminutive window of opportunity, attacks unfold daily, either impersonating Facebook itself with fake support messages like “your account has been compromised,” or riding on Facebook-centric features, like login-with-Facebook.
Streaming giant Netflix takes fourth spot, with 7.6% of scams over the six months impersonating its brand. Attackers spoofing Netflix do exactly what you’d expect – they seek the target’s username and password.
Banks and financial services
Banking and financial services are among the most besieged areas when it comes to brand impersonation, and it’s no surprise that our top list features not one, but six players in this sector: Standard Bank (4.29%), Bank of America (1.01%), Wells Fargo (0.88%), PayPal (0.58%), Western Union (0.22%) and HSBC Bank (0.15%). Between the six of them, banking as a sector accounts for 7.13% of phishing attacks targeting people’s card data or login credentials, or going straight for their wallet with urgent wording and fake dues.
Bitdefender recommends users deploy a trusted security solution on their computers and phones to filter out scams from legit communications with the brands they do business with. Bitdefender home solutions cover both desktop and mobile devices and protect users against phishing, malware and digital identity theft. Learn more at: https://www.bitdefender.com/solutions/.
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
Cyber Tips for a Spook-Free Halloween
October 26, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022