Why hackers still impersonate Microsoft more than any other company

Microsoft, PayPal, and Facebook are the top brands hackers attempt to copy in phishing attacks, according to Vade Secure.

How sophisticated phishing grants attackers total control of your computer

For five quarters in a row, Microsoft has topped the list of brands that hackers impersonate the most in phishing attack attempts, according to Vade Secure's Phishers' Favorites report for Q2 2019, released Thursday. Over the course of Q2, Vade Secure's artificial intelligence (AI)-based engine detected 20,217 unique Microsoft phishing URLs—an average of more than 222 per day, the report found. This also represents a nearly 16% increase over Q2 2018 for Microsoft.

Microsoft dominates the list due in large part to its dominance in the enterprise, the report noted. With more than 180 million active users on Office 365 Commercial, the platform is automatically a major target because of its sheer size. The value of Office 365 credentials also make Microsoft a prime phishing target, as they can potentially provide a single entry point to the entire Office 365 platform, including a company's Global Address List, and documents, information, and contacts stored in SharePoint, OneDrive, and Skype. 

SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic)

When hackers are able to compromise Office 365 accounts, they increasingly also use them to send spear phishing emails targeting other employees or clients of the company, the report found. 

"We continue to see a variety of Office 365 phishing attacks, including suspended account claims and links to OneDrive/SharePoint documents, voicemail recordings, and even faxes," the report stated. "Recent examples were found using free online tools like Typeform to create and host fake forms for harvesting credentials. We've also seen emails using exotic character sets—such as Russian Cyrillic in the subject, 'Closing Your Office ƷбƼ'—to bypass basic content filters looking for exactly 'Office 365.'" 

Here are the top 10 companies that hackers try to impersonate the most in phishing attacks in Q2 2019, according to the report:

  1. Microsoft
  2. PayPal
  3. Facebook
  4. Netflix
  5. Bank of America
  6. Apple
  7. CIB
  8. Amazon
  9. DHL
  10. Docusign

PayPal also held the no. 2 spot in Q1 2019. PayPal phishing attempts were up nearly 112% year over year, the report found, likely because it is the most widely used online payment service worldwide. 

Facebook phishing has increased dramatically since the beginning of 2019, with triple-digit phishing URL growth in Q1 (156%) and Q2 (176%), and year over year growth of 176%, the report found. One possible reason for this is the rise of social sign-on using Facebook accounts, via the Facebook Login feature. This means that by gaining a set of Facebook credentials, a hacker could also see and compromise the other apps the user has authorized with this sign on. 

For more, check out Phishing and spearphishing: A cheat sheet for business professionals on TechRepublic. 

Also see 


Image: iStockphoto/weerapatkiatdumrong