Facebook and Microsoft are the most popular phishing bait

A new report reveals the most impersonated brands in phishing attacks for the first half of 2023, with Facebook taking the top slot, followed by Microsoft.

The report from email security company Vade, shows Facebook accounted for 18 percent of all phishing URLs and Microsoft for 15 percent. Taken together these two accounted for more unique phishing URLs than the next top five brands combined (Crédit Agricole, SoftBank, Orange, PayPal and Apple).

Finance remains the most targeted industry with French bank Crédit Agricole and Japan-based SoftBank in third and fourth places overall. US-based First Citizens Bank also experienced a 4000 percent increase in unique phishing URLs between Q1 (12) and Q2 (502). Finance as a sector accounted for more than 33 percent of all phishing URLs, followed by the social media (22 percent) and cloud (21 percent) industries. Also more financial services brands were among the top 25 most impersonated brands than in any quarter in the past three years.

Productivity suites are also a prime target. In Q2 Vade uncovered two attacks targeting Microsoft 365 users and two attacks exploiting Google services, including YouTube and Google Translate.

Where social media is concerned Facebook top of the phisherfolk's target list, accounting for 85 percent of the sector's phishing URLs over the report period.

The report’s authors conclude, "Email remains the most popular channel for distributing phishing and malware threats. That's not likely to change anytime soon, as the communication method provides hackers with a direct and convenient channel to exploit the greatest weakness in your attack surface (users). And with the rise of productivity tools, email is becoming more important and vulnerable than before."

You can find out more on the Vade blog.

Image credit: weerapat/depositphotos.com