Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,208
- Points
- 113
New names have been added to the list of victims of cyber attacks.
Phishing attacks remain one of the most common cyber threats and are often the beginning of larger supply chain campaigns. Recently, Check Point Research (CPR), the threat analysis division of Check Point® Software Technologies Ltd., published a fresh ranking of brands most frequently forged by cybercriminals in the second quarter of 2024. This rating shows which companies are most often used by hackers to deceive users and steal personal information or payment data.
Leaders of phishing attacks
The second quarter of 2024 showed that Microsoft remains the most spoofed brand, accounting for more than half of all phishing attempts — 57%. In second place was Apple with 10%, moving from the fourth place, which it occupied in the first quarter of this year. LinkedIn retained its third place with 7% of phishing attacks. Also in the top 10 for the first time since 2022 were Adidas, WhatsApp and Instagram.
Prevailing industries
The technology sector remains the most frequently spoofed in phishing attacks, followed by social media and the banking sector. Technology companies such as Microsoft, Google, and Amazon often store sensitive data, including personal and financial information, and provide access to other accounts, making them attractive targets for attackers.
Security recommendations
To protect against phishing attacks, we recommend that you always verify the sender's email address, avoid clicking on unwanted links, and enable multi-factor authentication (MFA) on your accounts. Also, the use and regular updating of security software helps to detect and block phishing attempts.
Top 10 brands Faked in phishing Attacks in the second quarter of 2024:
Phishing campaigns disguised as Adidas
In the second quarter, Check Point Research observed several phishing campaigns that mimicked Adidas brand websites. For example, adidasyeezys sites[.] cz and adidasyeezys[.it was created to trick users into believing that they were on the official Adidas Yeezy websites. These fraudulent resources externally copy the original Adidas website and use it to steal user data.
Phishing campaigns disguised as Instagram
In recent months, there have been numerous campaigns using the Instagram brand for online fraud. As a result, Instagram took the tenth place in the list of the most counterfeited brands, for the first time since 2022. One example includes a phishing page on the domain instagram-nine-flame]. [vercel].[app / login, which mimicked the Instagram login interface, prompting users to enter their login details.
Another example is the instagram — verify-account].[tk domain, which previously displayed a message asking you to enter personal information under the pretext of verifying your Instagram account.
Phishing attacks continue to be a serious threat, and users need to exercise increased vigilance to protect their data and avoid falling into the traps of intruders.
Source
Phishing attacks remain one of the most common cyber threats and are often the beginning of larger supply chain campaigns. Recently, Check Point Research (CPR), the threat analysis division of Check Point® Software Technologies Ltd., published a fresh ranking of brands most frequently forged by cybercriminals in the second quarter of 2024. This rating shows which companies are most often used by hackers to deceive users and steal personal information or payment data.
Leaders of phishing attacks
The second quarter of 2024 showed that Microsoft remains the most spoofed brand, accounting for more than half of all phishing attempts — 57%. In second place was Apple with 10%, moving from the fourth place, which it occupied in the first quarter of this year. LinkedIn retained its third place with 7% of phishing attacks. Also in the top 10 for the first time since 2022 were Adidas, WhatsApp and Instagram.
Prevailing industries
The technology sector remains the most frequently spoofed in phishing attacks, followed by social media and the banking sector. Technology companies such as Microsoft, Google, and Amazon often store sensitive data, including personal and financial information, and provide access to other accounts, making them attractive targets for attackers.
Security recommendations
To protect against phishing attacks, we recommend that you always verify the sender's email address, avoid clicking on unwanted links, and enable multi-factor authentication (MFA) on your accounts. Also, the use and regular updating of security software helps to detect and block phishing attempts.
Top 10 brands Faked in phishing Attacks in the second quarter of 2024:
- Microsoft (57%)
- Apple (10%)
- LinkedIn (7%)
- Google (6%)
- Facebook (1.8%)
- Amazon (1.6%)
- DHL (0.9%)
- Adidas (0.8%)
- WhatsApp (0.8%)
- Instagram (0.7%)
Phishing campaigns disguised as Adidas
In the second quarter, Check Point Research observed several phishing campaigns that mimicked Adidas brand websites. For example, adidasyeezys sites[.] cz and adidasyeezys[.it was created to trick users into believing that they were on the official Adidas Yeezy websites. These fraudulent resources externally copy the original Adidas website and use it to steal user data.
Phishing campaigns disguised as Instagram
In recent months, there have been numerous campaigns using the Instagram brand for online fraud. As a result, Instagram took the tenth place in the list of the most counterfeited brands, for the first time since 2022. One example includes a phishing page on the domain instagram-nine-flame]. [vercel].[app / login, which mimicked the Instagram login interface, prompting users to enter their login details.
Another example is the instagram — verify-account].[tk domain, which previously displayed a message asking you to enter personal information under the pretext of verifying your Instagram account.
Phishing attacks continue to be a serious threat, and users need to exercise increased vigilance to protect their data and avoid falling into the traps of intruders.
Source
