PayPal has knocked Microsoft off the top spot to become the brand most imitated in phishing attacks.
The payment facilitator was accorded this dubious honor today with the publication of Vade Secure's Phishers' Favorites report for Q3 2019.
Researchers analyzed data from more than 600 million protected mailboxes worldwide to determine which organizations email scammers pose as most frequently. The resulting report lists the 25 most aped organizations.
Pole position was tenaciously held by Microsoft for five consecutive quarters before PayPal bumped the famous software vendor down to second place in the third quarter of 2019.
"You can no longer identify phishing based on poor design, typos, or bad grammar; they’re well designed and well written," Adrien Gendre, Vade Secure’s chief solutions architect, told Infosecurity Magazine.
"When I speak at conferences, I like to show a slide with two Office 365 login pages: one is real and the other is phishing. Most of the time, the audience picks the wrong one. And the reason is because phishers often pull JavaScript, CSS, and other resources directly from the legitimate Microsoft website."
Cozying up into third position is streaming giant Netflix, which has been impersonated more and more with each passing quarter over the past year and a half. Gendre speculated that the increase in the number of attacks is tied to the company's content release schedule.
"Cybercriminals certainly have their finger on the pulse of current events and social trends, and they create and time their attacks accordingly," said Gendre.
"Leading up to the launch of a new iPhone, we typically see a spike in Apple phishing. And it’s probably not a coincidence that Netflix phishing grew in Q3, when Stranger Things Season 3, the most watched Netflix show this year, was released."
The most impersonated industry in this year's third quarter was finance, with ten different financial services brands making it into the top 25 list of phishers' favorites. On its own, finance accounted for a whopping 37.9% of all URLs.
Phishers mailed out 79.1% of their email scams on weekdays, with Mondays and Wednesdays proving to be the most popular days on which to cast a virtual line.
Asked if scammers are ditching big-dream bait like wealth and romance in favor of more banal hooks, Gendre said: "We still see a fair share of wealth and romance scams. For phishing, though, the hook is less about romance and more about creating fear, uncertainty, and doubt (FUD), combined with a sense of urgency.
"For example, 'your Netflix account has been suspended because your payment wasn’t processed.' The combination of fear and urgency is intended to drive targets to click without thinking or scrutinizing the email."