Phishing scams are a constant threat, but have you ever wondered which brands scammers impersonate the most? New research by Mailsuite sheds light on this phenomenon, revealing the brands and industries most susceptible to imitation.
Mailsuite analyzed over 1.14 million reported phishing scams from January 2020 to March 2024 to uncover impersonation trends. It checked about 256 major brand names against reported and verified phishing scams on PhishTank, excluded unreliable ones, and matched each name to its headquarters country.
Here are the findings of their research.
Facebook/Meta is the top spoofed brand, used in around 10,457 verified phishing scams over four years. Apple and Microsoft follow closely behind, used in 9,110 and 4,518 scams, respectively. Amazon and eBay also make the top ten, with 8,919 and 2,080 verified phishing reports, respectively, while Steam is among the top ten brands with 4,833 scams since 2020.
Japanese telecom firm au by KDDI is the most impersonated international brand, with 18,964 scams since January 2020, while Japanese payment brand JCB is the most impersonated banking/finance brand, with 14,907 instances. Train company JR East also had over 10,000 verified scams to its name.
British online role-playing game RuneScape is the UK's most impersonated brand, and it was the second most impersonated brand globally in 2020. Three Polish brands are also part of the list.
The study revealed that over 27.93% of brand impersonation phishing scams involve IT & Technology brands, followed by Banking & Financial Services (24.57%). Moreover, tech giants and the IRS have been the most common targets of phishing scams since 2020. In 2022, Japanese brands experienced a surge in phishing scams, attributed to the Russian invasion of Ukraine and the particular focus of North Korean cyberattack group ‘Lazarus’ on this region.
Phishing emails rely on a single, crucial element: trust. Scammers leverage the reputation of well-known brands to trick victims into clicking malicious links or divulging personal information.
To stay phish-free, be sceptical of all emails, verify the information before clicking, and use unique and complex passwords for all online accounts. Stay informed and practice caution to reduce vulnerability to digital deceptions.