Google and Amazon were the most imitated brands used by cyber criminals for phishing scams in the June quarter, according to Check Point's brand phishing report for Q2.

Apple which was the most imitated brand name in March quarter has now slipped to 7th position with just 2% of phishing scams globally involving their brand name. Google and Amazon, on the other hand, accounted for 13% of phishing scams each. WhatsApp and Facebook (9%) and Microsoft 7% were the other leading tech companies whose brand names were imitated for the scams.

Brand phishing is widely used by hackers to imitate official websites of reputed brands by using a domain or URL that may sound very similar to their original website. Hackers then try to lure users on to the fake websites with the objective of stealing login credentials, personal information and payment details.

“Cyber criminals continue to focus on tricking us through the household names we trust - think Google, Amazon and WhatsApp. I’d think not twice, but three times before opening up a document in email, especially if it’s allegedly from Google or Amazon," Lotem Finkelsteen, Manager of Threat Intelligence at Check Point said in a statement.

The report shows that after web based exploits, email phishing exploits were the most common (24%), as compared to March quarter when email was at third position. Researchers at Check Point have attributed the change to relaxation of lockdown and other restrictions after covid-19 outbreak. As businesses are re-opening and employees going back to work, the email attacks are back in vogue.

Almost 15% of the phishing attacks targeted mobile devices with Facebook, WhatsApp and PayPal emerging as the most imitated brands on smartphones.

Finkelsteen expects email phishing attacks will grow further in the second half of 2020 and may lead to a cyber pandemic. "To stay safe, I’d use only authentic websites, beware of special offers, and watch for lookalike domains as much as possible," cautions Finkelsteen.

According to Check Point, more than 90% of all attempted cyberattacks are started through phishing scams and as per Verizon, 32% of data breaches are triggered through phishing scams.

Subscribe to newsletters * Enter a valid email * Thank you for subscribing to our newsletter.

Share Via

Click here to read the Mint ePaperLivemint.com is now on Telegram. Join Livemint channel in your Telegram and stay updated