Job site and professional social network LinkedIn accounted for more than half of all brand phishing attacks in the first quarter of this year.
According to Check Point Research (CPR), this is the first time LinkedIn has taken the top spot in its Q1 2022 Brand Phishing Report. The professional social network was spoofed in 52% of all phishing attacks in the world during the first quarter, which represents a spectacular increase of 44% compared to the previous quarter.
Meanwhile, the new CPR report shows that cybercriminals now prefer to take advantage of social networks rather than shipping companies and tech giants including Google, Microsoft and Apple.
As for the rest of the companies whose brands are frequently used in phishing attempts, global shipping company DHL took second place with 14%, followed by Google (7%), Microsoft (7%) and FedEx (6%). Along with these companies, Amazon, Maersk, AliExpress, Apple and WhatsApp complete the CPR Top 10 list, with Meta-owned WhatsApp accounting for nearly one in 20 phishing-related attacks globally.
Brand phishing attacks
For those who are unfamiliar, in a brand phishing attack, cybercriminals try to impersonate the official website of a well-known company by using a similar domain name and webpage design.
From there, links to fake websites are sent to the targeted people via email or SMS. These fake websites also often contain a form intended to steal user credentials, payment details or other personal information.
Head of Data Research Group at Check Point Software, Omer Dembinsky, explained in a blog post how cybercriminals behind brand phishing attacks will also try to deploy malware to corporate networks in addition to stealing sensitive personal and business information, saying:
“These phishing attempts are attacks of opportunity, pure and simple. Criminal groups orchestrate these large-scale phishing attempts, with the aim of getting as many people as possible to part with their personal data. Some attacks will attempt to influence individuals or steal their information, like the ones we see with LinkedIn. Others will be attempts to deploy malware on corporate networks, such as the bogus emails containing fake carrier documents that we see with companies like Maersk. If there was ever any doubt that social media would become one of the most targeted sectors by criminal groups, Q1 dispelled those doubts.”
In order to avoid falling victim to brand phishing attacks, CPR recommends that users exercise caution when disclosing personal data and credentials to professional apps or websites, think twice before opening attachments or links, check for misspellings in emails and domains used by websites, and be wary of urgent requests such as “change your password now”.
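The "check for misspellings in domains" advice can be automated on the defender's side, for example in a mail gateway or proxy log review. The following is an added example, not code from CPR or Check Point: it flags hostnames that imitate the five most-spoofed brands in the report, and the allowlist of official domains, the substitution table and the function names are assumptions made for illustration.

```python
# Added example: sample hostnames and the allowlist are constructed.
OFFICIAL = {  # brand -> domains treated as legitimate (assumption)
    "linkedin": {"linkedin.com"},
    "dhl": {"dhl.com"},
    "google": {"google.com"},
    "microsoft": {"microsoft.com"},
    "fedex": {"fedex.com"},
}
# Common visual substitutions, folded away before comparison.
FOLDS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))


def fold(token):
    for src, dst in FOLDS:
        token = token.replace(src, dst)
    return token


def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_host(host):
    """Return (brand, reason) when host imitates a brand, else None."""
    host = host.lower().rstrip(".")
    for domains in OFFICIAL.values():
        if any(host == d or host.endswith("." + d) for d in domains):
            return None  # genuine brand domain or one of its subdomains
    tokens = [t for label in host.split(".") for t in label.split("-") if t]
    for token in tokens:
        folded = fold(token)
        for brand in OFFICIAL:
            if token == brand:
                return (brand, "brand name on unofficial domain")
            if folded == brand:
                return (brand, "character substitution")
            # Short names such as "dhl" are too collision-prone for fuzzy matching.
            if len(brand) >= 5 and edit_distance(folded, brand) == 1:
                return (brand, "one edit away")
    return None
```

A production check would compare against the registrable domain using the Public Suffix List and would also handle internationalized (punycode) hostnames, which this sketch does not.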