Cybercriminals Focus Attacks on Trusted โBrands, Leveraging โAI for Deceptive Phishing
Cybercriminals are increasingly concentrating their phishing efforts on aโ small numberโข of highly trusted brands, particularly โMicrosoft, exploiting user โfamiliarity and a sense of security. โAccording to recent data from Check Point Research, a โstaggering 40%โ of all phishing attempts in the third quarter targeted Microsoft, demonstrating a โขclear โstrategy to leverage platforms usersโค interact withโข daily and inherently trust.
This โขshift in tactics also saw the return of PayPal and DHL to the global top 10 most impersonated brands,โ after a period of absence. PayPal currently accountsโข for 3% of attacks, while DHL represents 2%, signaling a broadening focus on financial and logistics services – sectors where urgency and the needโฃ for speedy action are easily exploited.
“AI-generated phishing is hyper-personalized and deeplyโฃ deceptive,” warns Omer Dembinsky, Director โขof Data Research at Check โฃPoint Software. “The fact that 40% of attempts impersonate Microsoft,and that brands like PayPal and DHL are resurfacing,demonstrates how attackers have redoubled their efforts in the services everyday tasks that users trust most.”
Researchersโ at Check Point have uncovered sophisticated scam websitesโ meticulously designed to mimic legitimate platforms. Such as, the domain dhl-login-check[.]org perfectly replicated theโ official DHL login page, successfullyโ collecting credentials,โข email addresses, phone numbers, and physical addresses from unsuspecting users under the guise of routine package tracking. Similarly, a โfraudulentโ site at paypal-me[.]icu lured victims with promises of fake rewards,โฃ harvesting passwords, credentials, and credit card details. The combination of well-known brandsโ with emotional triggers like urgency or the allure of rewards effectively blurs the โคline between โlegitimate and โขfraudulent experiences.
Beyond Microsoft, โคthe top ten most impersonated brands for theโ third quarter include Spotify (4%), Amazon (3%), Adobe โข(3%), Booking.com (2%), and LinkedIn (2%). The technology sector remains the most targeted, followed closely by social networks and retail – all โฃsectors handling โimportant โคvolumes of sensitive user data.
With the peakโ holiday shopping season approaching, experts predict a surge in scams targeting โtravel and logistics services, capitalizing on increased online traffic andโ the time pressure associated with Christmas shopping.
Addressing this escalating threat requires a proactive, multi-layered approach. Check Point Research โemphasizes the need for organizations โคto update their security protocols to counter the evolving sophistication ofโ threats powered by generative AI. This includes implementing AI-based security technology,strengthening authentication methods,and โฃproviding ongoing user โtraining.
Check Point’s analysis โคis powered by ThreatCloud, a global network that monitors cyberattacks in real-time, enabling the identification of emerging patterns and proactive โฃdefense updates.
The key takeaway is clear: in a landscape where 40% ofโ attacks focus on a single brand, unquestioning trust in even the most familiar platforms represents a significant vulnerability demanding constant vigilance and continuous digital education.
Author: โฃAdolfo Manaure
Enthusiastic follower of technology and innovations that change the world. editorial Director and COOโ at The HAP Group.