Google and Amazon phishing scams are on the rise, overtaking Apple in Check Point’s Brand Phishing report for Q2 2020.
The recent report shows little overall change in the number of phishing attempts, only significant changes in the brands being imitated by the bad guys.
Phishing attacks such as these usually follow a similar pattern, an email appearing to be from a recognisable brand is sent to many users. Their aim is to spark the interest, curiosity or fear into the reader in an attempt to force a reaction from them.
These emails warn users of a negative consequence or promise a reward in exchange for inputting sensitive information such as user credentials, names, addresses and bank details.
These details are then used for myriad malicious activities, a problem which is only compounded should the victim reuse their passwords across other accounts.
Since the beginning of 2020, the social engineer‘s brand of choice to impersonate has been Apple for phishing attacks, however more recently Amazon and Google have had a very noticeable increase in reported phishing attempts, shifting Apple from 1st to 7th place in the most recent survey.
Image credit: Check Point Software
Amazon and Google each accounted for 13% of all brand phishing campaigns analysed, whereas Apple only accounted for 2%, placing it inline with Netflix, Huawei and Paypal.
So, what caused this big shift?
New research suggests it is likely due to activity change cause by the pandemic. Here’s what Omer Dembinsky, Check Point’s manager of data research said about the matter:
“It is hard to say, and in many cases we can only speculate. Amazon’s rise, for example, could be related to online shopping growth during the COVID-19 pandemic, but for others it could be more difficult to point to a specific reason. Sometimes it’s enough to have a few major malicious campaigns by threat actors to shift one brand up or down the ranking.”
These email phishing scams started to become far more common and popular at the start of Q2, in line with the beginning of the pandemic.
As so many internet users were required to stay and work from home, so an increase in the reliance of virtual communication methods, such as email, gave these hackers an additional opportunity for attack..
These potentially disastrous phishing attacks show no sign of letting up. Do you think your organisation could detect and mitigate a threat before it became serious?
Take our Free Click-Prone® Test now and take the guess work out of your security.