Security News > 2023 > August > Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits

According to the report, attackers favor Microsoft because of the potential to move laterally through an organization's Microsoft environments.
If 4.31% seems like a small figure, Abnormal Security CISO Mike Britton pointed out that it is still four times the impersonation volume of the second most-spoofed brand, PayPal, which was impersonated in 1.05% of the attacks Abnormal tracked.
Microsoft: 4.31% PayPal: 1.05% Facebook: 0.68% DocuSign: 0.48% Intuit: 0.39% DHL: 0.34% McAfee: 0.32% Google: 0.30% Amazon: 0.27% Oracle: 0.21%. Best Buy, American Express, Netflix, Adobe and Walmart are some of the other impersonated brands among the list of 350 companies used in credential phishing and other social engineering attacks Abnormal flagged over the past year.
Britton explained to TechRepublic that Abnormal tracks AI with its recently launched CheckGPT, an internal, post-detection tool that helps determine when email threats - including phishing emails and other socially-engineered attacks - have likely been created using generative AI tools.
"We're already seeing these AI attacks play out - Abnormal recently released research showing a number of emails that contained language strongly suspected to be AI-generated, including BEC and credential phishing attacks." He noted that AI can fix the dead giveaways: typos and egregious grammatical errors.
Splunk's 2023 State of Security report, based on a global survey of 1,520 security and IT leaders who spend half or more of their time on security issues, found that over the past two years, 51% of incidents reported were BECs - a nearly 10% increase vs. 2021 - followed by ransomware attacks and website impersonations.
News URL
https://www.techrepublic.com/article/abnormal-security-report/
Related news
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Microsoft shares workaround for Windows security update issues (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)