Microsoft Named Most Imitated Brand in Phishing Attacks

Microsoft appeared as the most impersonated brand in phishing attacks during the third quarter of 2024, according to new research by CheckPoint.

The tech firm topped the latest edition of Check Point Research’s Brand Phishing Ranking, with 61% of brand phishing attempts leveraging Microsoft branding.

Microsoft’s place is consistent with the previous edition of the ranking.

Apple also retains its position as second most impersonated brand, with 12% of phishing attempts using the firm’s branding. Google, which came fourth in the previous ranking, reached third place at 7%.

Alibaba made its debut in the top 10 at seventh place (1.1%), and Adobe re-entered the ranking at eight (0.8%), marking its first appearance since Q2 2022.

Some of the most sophisticated brand impersonation attempts observed by Check Point included alibabashopvip[dot]com, a Vietnamese-language malicious phishing website impersonating the Alibaba e-commerce retail brand with official branding and offering counterfeit products.

The threat intelligence team has also observed the emergence of a series of Whatsapp-related websites (e.g. whatsapp-io[dot]com) mimicking a Whatsapp security center and prompting users to enter personal information, including their phone number and country or region, under the pretense of resolving account anomalies.