Though IT professionals frequently prioritize patching software vulnerabilities, end users are often the weakest link in the security chain. Social engineering attacks–typically in the form of phishing–continue to be a popular mode of attack for cybercriminals, especially for those targeting individual users rather than large corporations. Email security firm Vade Secure published on Wednesday their list of the most-impersonated brands in the Q4 2018 Phishers’ Favorites report.

From the report, the 10 most impersonated brands in North America are:

  1. Microsoft
  2. Netflix
  3. PayPal
  4. Bank of America
  5. Chase
  6. DHL
  7. Facebook
  8. Docusign
  9. LinkedIn
  10. Dropbox

Given the ubiquity of Windows and Office, as well as other services including the webmail service and Xbox Live, Microsoft’s position at the top of the list should come as no surprise. Likewise, the report points to how lucrative such attacks are, as a single login provides complete access to a treasure trove of data stored in Office 365.

Office 365 phishing is also increasingly part of multi-phase attacks, in which “hackers harvest Office 365 credentials and then use those legitimate accounts to send spear phishing emails targeting those users’ colleagues or business partners,” according to the report. Because these attacks utilize legitimate accounts, they are an order of magnitude more difficult for security products to detect.

SEE: Job description: Information security analyst (Tech Pro Research)

Netflix jumped from third to second place in Q4, as users were targeted just ahead of the holidays with phishing attacks taking advantage of consumers, with with attacks spiking on Christmas. Likewise, the recent Netflix price hike provided an opportunity for phishers to attack users.

Financial services firms PayPal, Bank of America, and Chase round out the top five. Banks and money transfer services like PayPal are often easy targets due to the quick payoff of hacking these accounts. Nine of the 25 brands cited in the full report are in the financial services industry.

Global logistics firm DHL is in sixth place, jumping three positions with a sizable 24.5% in phishing attacks.

Facebook dropped one position to seventh place, with a 39% decrease in attacks. Given the increased scrutiny the company is giving to platform users in light of the Facebook data privacy scandal, as well as the lack of direct financial incentive for targeting Facebook accounts, the de-emphasis of Facebook among phishers is understandable. Conversely, LinkedIn jumped four positions with a 15.8% increase in attacks.

Cloud services Docusign and LinkedIn filled the eighth and tenth positions, respectively.

For those curious, Adobe was thirteenth on the list, Google placed fourteenth, and Apple placed fifteenth. Yahoo fell four positions to twenty fourth, a trend that appears likely to continue as popularity of the legacy search engine wanes.

The big takeaways for tech leaders:

  • Microsoft is the brand hackers are most likely to impersonate in phishing attacks, due in part to Office 365. –Vade Secure, 2019
  • Financial services firms represented nine of the 25 brands most likely to be spoofed by phishers. –Vade Secure, 2019