Security researchers at Check Point have revealed that Yahoo knocked DHL off the top spot as the most imitated brand in the last quarter of 2022, now responsible for 20% of all phishing attempts recorded in the wild.
The findings come from the company’s latest Brand Phishing Report and suggest that several cyber-criminals had been found distributing emails with subject lines that told a recipient they had won prize money from initiatives organized by Yahoo, worth hundreds of thousands of dollars. Email senders showed names such as 'Award Promotion' or ‘Award Center.’
The phishing messages also warned that the target must refrain from telling people about winning the prize because of legal issues. It asked the recipient to share their personal information and bank details in order to receive the winning prize money into their accounts.
As for other brands most impersonated in Q4 2022, DHL came in second place with 16% of all brand phishing attempts, and Microsoft followed in the third spot with 11%.
Industry-wise, Check Point said the technology sector was the most imitated by brand phishing in the last quarter of 2022, followed by shipping and social networks.
“We are seeing hackers trying to bait their targets by offering awards and significant amounts of money. Remember, if it looks too good to be true, it almost always is,” warned Omer Dembinsky, data group manager at Check Point Software.
“You can protect yourself from a brand phishing attack by not clicking on suspicious links or attachments and by always checking the URL of the page you are directed to. Look for misspellings and do not volunteer unnecessary information.”
The Check Point report comes a couple of months after Egress security researchers noticed a 78% increase in email impersonation attacks spoofing the Netflix brand in October 2022.