Vade, a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response, released its H1 2023 Phishing and Malware Report.ย The research reveals the top 10 most impersonated brands inย phishingย in H1 2023 and detailsย phishingย and malware trends in the first half of the year.Facebookย landed in the No. 1 spot for the most impersonated brand in H1, followed byย Microsoft. Rounding out the top 5 areย Crรฉditย Agricole,ย SoftBankย andย Orange.
Facebookย andย Microsoftย continue their dominance as the most impersonated brands
Facebookย andย Microsoft’sย collective dominance as the mostย spoofedย brands continued into H1 2023, with the former accounting for 18% of allย phishingย URLsย and the latter accounting for 15%. Whileย Facebookย was the clear leader,ย Microsoftย overtook theย social mediaย giant in Q2 after experiencing a 22% QoQ increase in spoofing attempts. Demonstrating just how popular these brands are among hackers,ย Facebookย andย Microsoftย together accounted for more uniqueย phishingย URLsย than the next top five brands combined (Crรฉditย Agricole,ย SoftBank,ย Orange,ย PayPalย andย Apple).
CIO INFLUENCE: General Data Protection Regulation (GDPR) Anniversary
Financial servicesย remains the most impersonated industry
Q2 was a record quarter forย Japan-basedย Softbank, who ended the period as the third most impersonated brand inย phishing attacks, accounting for 4591 uniqueย URLsย and experiencing a 1500% QoQ increase. At the end of H1,ย SoftBankย ended up in the No. 4 slot behindย Facebook,ย Microsoftย andย Crรฉditย Agricole. Butย SoftBankย isn’t alone โย US-basedย First Citizens Bankย experienced a 4000% increase in uniqueย phishingย URLsย between Q1 (12) and Q2 (502). Last but not least,ย France-basedย Crรฉditย Agricole jumped four places to become the third most impersonated brand in H1, with QoQ increases of 170% in Q1 and 61% in Q2, respectively.
It comes as no surprise that theย financial services industryย remained the most impersonated industry in H1. The sector accounted for more than 33% of allย phishingย URLs, followed by theย social mediaย (22%) and cloud (21%) industries.
CIO INFLUENCE: Nextira Selected by Ansys Technology Partner Program to Support Customers Implementing Ansys Gateway Powered by AWS
Phishing attacksย continue to targetย Microsoftย andย Google
In addition toย Microsoft,ย Googleย also made it into the list of the top 10 most impersonated brands in H1, which is unsurprising given the popularity of both of their productivity suites,ย Microsoft 365ย andย Google Workspace. In Q2 alone, Vade uncovered two attacks targetingย Microsoft 365ย users and two attacks exploitingย Googleย services, includingย YouTubeย andย Google Translate. Research on these attacks and more can be found onย Vade’s blog.
Additional highlights from the H1 2023ย Phishingย and Malware report include:
- In Q1 and Q2 2023, moreย financial servicesย brands were among the top 25 most impersonated brands than in any quarter in the past 3 years
- Malware volumes increased slightly from H2 2022 (111.4 million) to H1 2023 (112.3 million)
- January saw the highest volume ofย phishing emails, while February saw the lowest
- Facebookย accounted for 85% of theย social mediaย sector’sย phishingย URLs
CIO INFLUENCE: CIO Influence Interview with Pete Lilley, Vice President and GM at Instaclustr
[To share your insights with us, please write toย sghosh@martechseries.com]
