Phishing, Email security, Identity

Top 5 most abused brands by hackers

Malicious e-mails pelting inboxes hit all-time high in Q1, 2023

Microsoft, PayPal and Facebook top the list of most abused brands used in phishing attacks. And the number one goal is luring you into handing over user account credentials.

The brand abuse data comes from Abnormal Security, that outlined the top 5 most impersonated brands so far in 2023.

According to Abnormal Security’s Mike Britton attacks most often have the goal of accessing Microsoft credentials to gain access to Microsoft’s 365 environment in hopes of pilfering sensitive data from Outlook or SharePoint.

“Perhaps unsurprisingly, Microsoft is by far the most commonly spoofed company — with nearly 650,000 attacks stopped by Abnormal in the last year,” Britton wrote. “That’s 4.31% of all phishing attacks among 350 brands!”

It was reported earlier this month that threat actors were using the phishing-as-a-service tool EvilProxy to target Microsoft 365 accounts at more than 100 organizations representing 1.5 million employees, including high-level C-suite executives at leading companies.

Abnormal Security’s top 5 impersonated brands so far in 2023 are:

  1. Microsoft (4.31%)
  2. PayPal (1.05%)
  3. Facebook (0.68%)
  4. DocuSign (0.48%)
  5. Intuit (0.39%)

Those figures are in line with recent reporting from other security firms. The software giant topped Check Point’s July report where Microsoft jumped from the No. 3 spot in Q1 of 2023 to No. 1.

But as Britton pointed out, the arrival of new technologies such as generative AI will likely make it easier for the bad guys to impersonate brands and create phishing scams as the tools like ChatGPT make it easier for them to create more convincing emails and sites without typos or grammatical errors that were telltale signs.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.
Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds