Security News > 2022 > January > DHL dethrones Microsoft as most imitated brand in phishing attacks

DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth.
Phishing campaigns impersonating the brand have good chances of reaching people who are waiting for a DHL package to arrive during the holiday season.
In an example presented on the Check Point report, a phishing campaign used spoofed DHL customer support email addresses to send the "Shipment notification" message, as shown below.
In this case, the email requests the user to verify their identity, which takes place on a phishing page that is made to look exactly like the real DHL site.
Finally, there's an ominous PayPal phishing specimen that requests the target to "Confirm their account information" to lift a status of temporary suspension.
Phishing relies on creating a sense of urgency, so whenever you're dealing with an email that causes you distress, consider the possibility of it being an attempt to trick you into giving away sensitive information.
News URL
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)