- The three brands that are most frequently impersonated in phishing attempts are AT&T, PayPal, and Microsoft.
- Banking, technology, and telecommunications are the industries that phishing scammers target the most.
- Improved anti-phishing safeguards in Cloudflare One prevent the end-user confusion tactics that phishers deploy.
The security, performance, and reliability business Cloudflare, Inc., which is assisting in the development of a better Internet, recently released a global report on the Top 50 Brands Used in Phishing Attacks. The global network of Cloudflare protects about 20% of all websites, and its email security service prevented 2.3 billion spam emails from reaching inboxes in 2022. Because of this, Cloudflare can proactively safeguard its Zero Trust customers by using machine learning and data analysis to gain unique insight into the phishing sites that Internet users are most likely to click on.
Phishing is the term used to describe an attempt to obtain sensitive data, such as usernames, passwords, credit card numbers, bank and cryptocurrency account information, or other crucial data, with the intention of using or selling the stolen data. Phishing is currently the Internet crime with the quickest rate of growth, endangering both consumers and businesses. Similar to how a fisherman uses bait to catch a fish, an attacker will pose as a trustworthy source in order to attract the victim in and deceive them. This may be done with an alluring request or with a terrible consequence. These attempts frequently take the shape of an email, text message, or incorrect website URL that appears to be from a reputable company but is actually from a malevolent entity.
“Phishing attacks prey on our trust in the brands we love and use everyday, and are becoming more difficult to spot for even the most digitally-savvy person. Our sanity, bank accounts, and passwords shouldn’t be compromised because we glossed over a misspelled ‘from’ field or accidentally clicked on an obscure URL”, “We’ve extended our Zero Trust services with real-time protection against new phishing sites, so our customers won’t fall victim to attacks leveraging the brands they trust.”
Matthew Prince, Co-founder and CEO, Cloudflare
The most imitated brand in 2022 will be AT&T Inc.
The top 50 brands that phishing URLs most frequently mimic are:
| 1. | AT&T Inc. | 26. | Coinbase Global, Inc. |
| 2. | PayPal | 27. | Banco Bradesco S.A. |
| 3. | Microsoft | 28. | Caixa Econômica Federal |
| 4. | DHL | 29. | JCB Co., Ltd. |
| 5. | Facebook (Meta) | 30. | ING Group |
| 6. | Internal Revenue Service | 31. | HSBC Holdings plc |
| 7. | Oath Holdings/Verizon | 32. | Netflix Inc |
| 8. | Mitsubishi UFJ NICOS Co., Ltd. | 33. | Sumitomo Mitsui Banking Corporation |
| 9. | Adobe | 34. | Nubank |
| 10. | Amazon | 35. | Bank Millennium SA |
| 11. | Apple | 36. | National Police Agency Japan |
| 12. | Wells Fargo & Company | 37. | Allegro |
| 13. | eBay, Inc. | 38. | InPost |
| 14. | Swiss Post | 39. | Correos |
| 15. | Naver | 40. | FedEx |
| 16. | Instagram (Meta) | 41. | Microsoft |
| 17. | WhatsApp (Meta) | 42. | United States Postal Service |
| 18. | Rakuten | 43. | Alphabet |
| 19. | East Japan Railway Company | 44. | The Bank of America Corporation |
| 20. | American Express Company | 45. | Deutscher Paketdienst |
| 21. | KDDI | 46. | Banco Itaú Unibanco S.A. |
| 22. | Office365 (Microsoft) | 47. | Steam |
| 23. | Chase Bank | 48. | Swisscom AG |
| 24. | AEON | 49. | LexisNexis |
| 25. | Singtel Optus Pty Limited | 50. | Orange S.A. |
Because of the unprecedented access and potential financial gain that bank accounts, email and social media accounts, and phone companies can provide attackers, Cloudflare discovered that the finance, technology, and telecom businesses were the most frequently impersonated industries. Due to the ability of phishing attacks to capture emails and text messages used for two-factor authentication, which verifies a user’s identity, technology and telecom organisations are particularly vulnerable. Hence, these phishing attempts may result in the compromising of more accounts.
With Cloudflare One, new anti-phishing defences are available.
In addition to announcing new capabilities today, Cloudflare also promised to offer its clients the most thorough and potent phishing defence available. Customers may now automatically and instantly identify and ban “confusable” domains to better protect their business networks, building on Cloudflare Area1’s recent release of enhanced Zero Trust email security technologies. The phishing attack that jeopardised Cloudflare and 100 other businesses last summer, when attackers built the false “cloudflare-okta.com” domain just 40 minutes before delivering it to employees, can be prevented with the use of this product. Customers can set up zero trust rules with Cloudflare Gateway to stop their staff from resolving or visiting these “confusable” or “lookalike” domains.
Reporting Procedures
The report was created by Cloudflare using information from the 1.1.1.1 DNS resolver resolution to identify the top popular phishing URLs’ linked domains. The data collection was purged of any shared service domains (such as hosting sites Google, Amazon, and GoDaddy) that could not be identified as phishing attempts.
To Read More IT Related News Click Here
