LinkedIn Is Most Imitated Brand in Phishing Attacks

Microsoft's LinkedIn professional social network platform was the No. 1 mimicked brand by attackers when leveraging phishing attacks, according to security firm Check Point.

In its latest Brand Phishing Report, Check Point looked at the global phishing landscape for the first quarter of this year and found that not only was LinkedIn the most imitated brand, but it dominated the majority of phishing attempts.

"So far this year, LinkedIn has been related to more than half (52 percent) of all phishing-related attacks globally, marking the first time the social media network has reached the top of rankings," read the report. "It represents a dramatic 44 percent uplift from the previous quarter, when LinkedIn was in fifth position and related to only 8 percent of phishing attempts."

The most commonly used attack included sending a fake LinkedIn e-mail to a target. Once an embedded link is clicked, the user is taken to a spoofed Web page, mimicking the look of a LinkedIn log-in page. Their credentials would then be harvested and either sold or used in attempts to log into more sensitive sites using the hijacked credentials.

The dramatic increase of phishers specifically using LinkedIn as their avenue of attack has completely changed the phishing landscape, according to Check Point. Spoofed e-mails and messages from shipping-related companies used to represent the biggest brands copied. While these companies are still being utilized by attackers, the second-place entry for the quarter was DHL, with 14 percent of all appeared phishing attempts -- a far cry from LinkedIn's 52 percent.

Here's the full list of the top 10 imitated brands for the period between January and March:

  1. LinkedIn (52 percent)
  2. DHL (14 percent)
  3. Google (7 percent)
  4. Microsoft (6 percent)
  5. FedEx (6 percent)
  6. WhatsApp (4 percent)
  7. Amazon (2 percent)
  8. Maersk (1 percent)
  9. AliExpress (0.8 percent)
  10. Apple (0.8 percent)

The latest quarterly report represents the first time that Danish shipping company Maersk and Chinese-based online shopping retailer AliExpress have broken through to the top imitated brands.

In the case of Maersk, Check Point said some of the phishing attempts were especially malicious. The security company spotted fake e-mails asking users to download a copy of their bill in what appeared to be an attached Excel file. The file would then infect the system with the Agent Tesla remote access Trojan, which is a popular malware that has seen large growth in use over the last two years.

The latest quarterly report, highlighting attackers' growing interest in phishing attempts related to social media, should be taken as a warning that the net of possible phishing targets is growing, according to Check Point.

"As always, we encourage users to be cautious when divulging personal data and credentials to business applications or websites, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as LinkedIn or DHL, as they are currently the most likely to be impersonated," said the company.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


comments powered by Disqus

Subscribe on YouTube