Security News > 2022 > January > DHL dethrones Microsoft as most imitated brand in phishing attacks
DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth.
Phishing campaigns impersonating the brand have good chances of reaching people who are waiting for a DHL package to arrive during the holiday season.
In an example presented on the Check Point report, a phishing campaign used spoofed DHL customer support email addresses to send the "Shipment notification" message, as shown below.
In this case, the email requests the user to verify their identity, which takes place on a phishing page that is made to look exactly like the real DHL site.
Finally, there's an ominous PayPal phishing specimen that requests the target to "Confirm their account information" to lift a status of temporary suspension.
Phishing relies on creating a sense of urgency, so whenever you're dealing with an email that causes you distress, consider the possibility of it being an attempt to trick you into giving away sensitive information.
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- HubSpot phishing targets 20,000 Microsoft Azure accounts (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)