Google, Facebook, and Amazon are the most frequently targeted brands when it comes to phishing attacks, according to Kaspersky’s recent research among 25 popular global companies. Cybercriminals also heavily pursue the credentials and data of other brands, with the number of attacks increasing nearly 1.5 times year-on-year.
In the first half of 2024, people around the world tried to access fake resources impersonating these brands nearly 26 million times, which is almost 40 percent more frequently than in January-June 2023.
Among the brands studied, cybercriminals primarily targeted Google services in their attempts to steal credentials, such as usernames and passwords. Kaspersky solutions blocked over 4 million attempts worldwide to access phishing websites designed to trick users into providing their Google account information. Following Google, there were around 3.7 million attempts on Facebook users, while Amazon ranked third with approximately 3 million. Microsoft and DHL rounded out the top five with 2.8 million and 2.6 million attempts, respectively. PayPal, Mastercard, Apple, Netflix, and Instagram turned out to be among the top 10 brands targeted by cybercriminals for credentials and money in 2024.
Some brands turned out to be increasingly targeted in phishing attack attempts compared to last year. Phishing for Google has more than tripled, demonstrating 243 percent growth in the first half of 2024 compared to last year. Mastercard has seen a 210 percent rise in attempts to steal sensitive data and money, followed by Facebook and Netflix, both of which experienced a doubling of attack attempts.
“This year has seen a significant increase in phishing attempts targeting Google. If a phisher gains access to a Gmail account, they can potentially access multiple services, making it a prime target. Phishing for Mastercard, typically aimed at stealing money, has likely risen alongside the proliferation of fake online shops pretending to sell goods and offering checkout options with allegedly Mastercard,” says Olga Svistunova, a security expert at Kaspersky.
Other brands that didn’t make it into the top 10, but have become increasingly targeted include HSBC, eBay, Airbnb, American Express, and LinkedIn.
Although well-known brands are prime targets for cybercriminals, niche brands are not immune. Fraudsters often target products and services with high demand, seasonal trends, or for other reasons. To effectively manage and mitigate these risks, monitor online presenceand consider outsourcing this task to a proven cybersecurity provider as Kaspersky offers a dedicated takedown tool. Educate and inform your customers and ask your customers to report all suspicious activities carried out on behalf of your brand.
For a deeper immersion in the ever-evolving world of cyber threats and insightful networking, join Kaspersky’s sixteenth Security Analyst Summit (SAS), which takes place from October 22-25, 2024, in Bali.