infotechlead

Yahoo tops in phishing attacks in fourth quarter: Check Point

Top brands such as Yahoo (20 percent), DHL (16 percent), Microsoft (11 percent), Google (5.8 percent) and Linkedin (5.7 percent) faced phishing attacks last quarter, according to Check Point Research’s Q4 2022 Brand Phishing Report.
Google YahooThese brands were most frequently imitated by criminals during October-December 2022. Yahoo was the top brand impersonated in phishing attacks last quarter, climbing 23 spots in the ranking from the previous quarter. Cybercriminals are sending emails with subject lines that suggest a recipient has won awards and prize money.

The other most imitated brands are Wetransfer (5.3 percent), Netflix (4.4 percent), FedEx (2.5 percent), HSBC (2.3 percent) and WhatsApp (2.2 percent).

Phishing Attacks

Hackers try to imitate the official website of a well-known brand by using a similar domain name or URL, and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message. A user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

Yahoo

CPR found campaigns that included malicious phishing emails that used Yahoo’s branding, containing the subject “YAHOO AWARD” which were sent by senders with user names such as “Award Promotion”, “Award Center”, “info winning” or “Award Winning”.

The content of the email distributed in the campaign informed the victims that they have won prize money worth hundreds of thousands of dollars, in contests organized by Yahoo. The email then asks the recipients to send their personal and bank details, claiming this information was necessary to transfer the winning prize money.

Latest

More like this
Related

Beware of cybersecurity scams during summer holidays: Check Point warns of travel-related phishing surge

With the summer vacation season in full swing, cybercriminals...

Microsoft offers free AI-powered cybersecurity program to European governments

Microsoft has launched a new cybersecurity initiative aimed at...

Hackers exploit modified Salesforce tool to breach corporate networks and steal data

Cybercriminals are weaponizing a modified version of Salesforce’s Data...

CrowdStrike Q1 revenue jumps 20% on enterprise wins, Falcon Flex surge, and AI innovation

CrowdStrike has reported 20 percent increase in its first-quarter...