Security News > 2022 > January > DHL dethrones Microsoft as most imitated brand in phishing attacks

DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth.
Phishing campaigns impersonating the brand have good chances of reaching people who are waiting for a DHL package to arrive during the holiday season.
In an example presented on the Check Point report, a phishing campaign used spoofed DHL customer support email addresses to send the "Shipment notification" message, as shown below.
In this case, the email requests the user to verify their identity, which takes place on a phishing page that is made to look exactly like the real DHL site.
Finally, there's an ominous PayPal phishing specimen that requests the target to "Confirm their account information" to lift a status of temporary suspension.
Phishing relies on creating a sense of urgency, so whenever you're dealing with an email that causes you distress, consider the possibility of it being an attempt to trick you into giving away sensitive information.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)