Brands such as Amazon, Apple, Netflix, Facebook, and WhatsApp are the most used by cybercriminals in phishing and social engineering attacks in 2020. According to researches, the favorite brand used by cybercriminals in phishing attacks in 2020 was Facebook. 4.5 million phishing attacks were carried out between April and September using social media platforms.
1. Brand Usage Rates in Phishing Attacks
Some brands and attack numbers that come after Facebook are as follows;
- 3.7 Million phishing attempts were made on WhatsApp,
- 3.3 million phishing attacks were carried out using the Amazon brand,
- Apple followed these brands with 3.1 million and Netflix with 2.7 million.
According to an analysis published by Kaspersky, brands owned by Google (including YouTube, Gmail, and Google Drive) ranked sixth with a total of 1.5 million phishing attempts.
Researchers warned that many of the web services we mentioned above may pose a risk to data that may be sensitive to the organization, as they are frequently used by employees of small and medium-sized businesses.
Top Brands Used in Phishing Attacks in 2020 – cyber security awareness training for free.
It is important for any organization to understand where threats may come from and what technology and awareness measures are required to prevent them. Company employees need to be comfortable using the services they need, so getting the balance right is very important.
Facebook’s incredible user base – with over 2.7 billion monthly active users as of the second quarter of 2020 – makes it the most attractive brand for cybercriminals.
Also, according to the report published last week, there was a Facebook phishing attack that affected at least 450,000 users. The attack was accomplished by sending a link to Facebook users via a message that looks like a YouTube video. When victims clicked on the link, they were redirected to multiple websites and eventually to a Facebook phishing page. Attackers then seized Facebook account information of users with low awareness.
Top Brands Used in Phishing Attacks in 2020 – Would you like to see cyber security awareness training for free?
2- Analyzes Made by Researchers
Looking at the other side of this situation, at the same time, these social media platforms are the most blocked services by corporate companies. Other apps blocked include Twitter, Pinterest, Instagram, and LinkedIn.
The researchers also noted that messaging apps, file sharing, or mail services are generally not blocked, most likely because they are often used for work purposes as well as for personal needs. These products, including Google’s services (Gmail and Google Drive), are frequently used in targeted attacks by cybercriminals.
Top Brands Used in Phishing Attacks in 2020 our note
As Keepnet Labs, we can suggest that recently popular short video shooting applications such as TikTok can be used in phishing attacks and need attention.
3. What can we do against Phishing Attacks?
Cyber Security Awareness Training and Anti phishing software
The most common method cybercriminals use in cyber attacks on corporate companies is social engineering attacks. Although investments are made in e-mail services and email security solutions, attackers always discover a way to circumvent these security solutions. Therefore, it is very important for your end-user to become aware of phishing emails using phishing awareness training. Continuous training of your employees ensures that they are resistant to such attacks. Nowadays, this training is sometimes not given by companies, but sometimes they can be very boring. You can ensure that your users learn while having fun with professional animation training prepared on the Keepnet Labs Awareness Training Team.
“This post is originally published at www.keepnetlabs.com”
