The results were made by analysts at the Cyber Security company Check Point.
The use of Microsoft’s brand name can be due to the fact that Microsoft products are commonly used by businesses, and the vast majority of workers using them have worked from home since the outbreak of the virus.
Microsoft was the most commonly imitated brand name used in phishing attacks in the months of September, accounting for 19 per cent of them worldwide, says the Check Point cyber-security agency. The use of Microsoft’s brand name can be due to the fact that Microsoft products are commonly used by businesses, and the vast majority of workers using them have worked from home since the outbreak of the virus.
Check Point researchers found malicious phishing emails sent in Microsoft’s name to trick users to click on a malicious connexion that would redirect them to a fake Microsoft login page.
Using real brand names or trademarks in phishing emails or web sites is a common technique and is commonly used by cyber-criminals to make them appear trustworthy to get gullible users to click malicious websites, attachments to exchange login information. Hackers also use brand names that are more likely to click.
“There are actually millions and millions of people operating remotely, many of them doing this for the first time in their lives. Hackers, sensing a great chance, mimic the brand that is best known for its work — Microsoft. I anticipate Microsoft’s imitations to begin as we transform the Fresh Year, “said Omer Dembinsky, data threat intelligence manager, Check Point in a statement.
Google and Amazon, the most imitated brand names in the June quarter, slipped down in the list at number 3 and 9 in September, as attackers lost confidence in them. The other most imitated brand names in September’s top five most imitated band list are DHL (9 per cent), Google (9 per cent), PayPal (6 per cent) and Netflix (6 per cent). According to Check Point, this is the first time the brand name of DHL has been featured in the top 10.
Further breakup of results shows that e-mail phishing accounted for 44 per cent of threats, online phishing accounted for 43 per cent, and tablet phishing accounted for 12 per cent. Although Microsoft was the most imitated brand name in both email and web phishing, WhatsApp was the most imitated brand name in smartphone phishing.
Dembinsky advised remote staff to be extra careful after getting an email about their Microsoft account.