Microsoft tops Vade's phishing report, which has some good news: The overall number of phishing attacks declined in the second quarter. Credit: Weerapatkiatdumrong / Getty Images Microsoft toppled Facebook for the top spot in the 25 most impersonated brands by phishers in the first half of 2022, with a total of 11,041 unique phishing URLs, according to Vade’s latest Phishers’ Favorites report.Facebook, which was the most impersonated company in 2021, followed close behind in the second spot, with 10,448 phishing URLs, according to Vade, which offers an email filtering service for phishing, malware, spear phishing, and spam.Other brands rounding out the top five in the list included Credit Agricole, Whatsapp, and Orange.There was some good news in the report: The total number of phishing attacks decreased in the second quarter compared to the first. That’s because, even though the number of phishing attacks impersonating major brands like Microsoft and Facebook increased quarter over quarter, the first quarter of the year saw the most phishing attacks overall, with 81,447 unique phishing URLs detected, compared to 53,198 in the second quarter. Microsoft, Facebook phishing rode on creative tacticsMicrosoft’s widely popular 365 platform, with more than 240 million business subscribers, has created an irresistible target, fueling a 266 percent quarter-over-quarter jump in phishing attacks impersonating the brand this year.According to Vade’s findings, the Microsft brand was used in a large number of technical support scams, as were other companies like McAfee, Norton, Apple and Amazon. What was different in these scams is that hackers used phone numbers rather than phishing links to lure users and bypass email filters. For instance, in June, hackers impersonated Microsoft Defender, alerting the intended victim about a $299.00 subscription payment supposedly posted to their bank account, which could only be canceled via phone within 24 hours. When victims called the number listed in the alert, hackers would try to take control of users’ computers to install spyware.Equally creative tactics were noticed in Facebook phishing, which included sending emails that indicated a user was being locked out of their social media accounts for “violation of Community Standards.” Subsequently, the victim had to click on “disagree with decision” within 30 days in order to regain access, thereby initiating the phishing payload.Another phishing attack asked users to confirm their identity with formal documents, saying that it was required by Facebook’s “renewed privacy policy.”Financial, cloud sectors are biggest phishing targets Financial services topped the list of most impersonated industries in phishing, with eight brands in the top 25. The top phished brands in the space include Credit Agricole, MTB, and PayPal, recording a 203%, 332%, and 305% quarter-over-quarter increase respectively. Cloud services, with a contribution of six names in the top 25 list, were the second most impersonated segment, including brands like Microsoft, Google, Netflix, Adobe, and Docusign.While Financial services represented 34% of all unique phishing URLs detected, cloud and internet/telco companies contributed 19%. Social Media, e-commerce, and government sectors had a 17%, 10%, and 1% share, respectively. Another key finding in the report was that most phishing attacks were observed during the weekdays, with Tuesdays being the most active. Related content news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Cybercrime Security news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Government Security Practices news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe