Amazon is the most imitated brand in phishing emails
According to data presented by the Atlas VPN team, Amazon topped the list as the most impersonated brand in email phishing attacks worldwide last year. In total, 17.7% of brand phishing emails used Amazon’s brand name.
The trillion-dollar brand is closely followed by the world’s leading logistics company DHL and a cloud-based electronic signature technology provider DocuSign, each accounting for 16.5% and 12.7% of the brand phishing campaigns, respectively.
Cybercriminals choose to impersonate big brands to lower the guard of their potential victims. Email phishing attacks lure targets to open links to malicious websites designed to infiltrate malware or steal data.
Digital payment service provider PayPal occupies the fourth spot on the list. Last year, the brand’s name was used in 5.7% of brand impersonation emails.
Next up is the world’s largest professional online network LinkedIn. LinkedIn’s name was abused in 3.5% of brand phishing campaigns.
Other brands in the top ten include Microsoft (3%), web hosting company 1&1 (2.5%), British telecommunications services provider O2 (2.3%), the social media giant Facebook (2.2%), and British banking group HSBC (1.8%).
Cybersecurity writer and researcher at Atlas VPN Ruta Cizinauskaite shares her thoughts on brand phishing attacks:
“Brand phishing attacks are especially damaging as they hurt not only the victims that fell for the attack but also the reputation of brands that have been spoofed. There is not much organizations can do to prevent cybercriminals from exploiting their brands. However, email users can protect themselves against phishing attempts by taking matters into their own hands.”
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
AddThis sets this cookie to track page visits, sources of traffic and share counts.
Set to record internal statistics for anonymous visitors.
1 year 1 month
addthis.com sets this cookie to determine the usage of addthis.com service.
1 year 1 month 4 days
Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
Google Analytics sets this cookie to store a unique user ID.
1 year 1 month 4 days
Google Analytics sets this cookie to store and count page views.
Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
1 year 24 days
Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.