Walmart was the most copied company of Q1 2023 in phishing scams. The multinational retailer has left front companies and technology giants behind in a global ranking of brands most used by crooks after having its name associated with a large campaign of fraudulent links, with 16% of all global attacks of the type.
The wave was so big that it caused the retailer to leave 13th place, occupied at the end of 2022, directly to the top of the list. DHL, the freight company whose name is also often associated with phishing campaigns involving fake delivery tracking links, came in second with 13% of attacks detected worldwide.
The numbers are from Check Point Research, the threat intelligence arm of the cybersecurity company. The Top 5 most used brands in phishing attacks is completed by Microsoft, LinkedIn and FedEx, with numbers ranging from 12%, in the case of the technology company, to 6% and 4.9%, respectively.
The presence of the giant from Redmond in third place shows, again, a focus of the bandits on obtaining corporate credentials. After all, in this segment, it is common to use tools such as Office 365 and Microsoft Teams on a daily basis; Misleading a user from fraudulent links and downloads using the brand results in a high chance of obtaining corporate credentials, which can be used in later attacks involving ransomware, data theft and others.
When it comes to retail and, by extension, shipping, the target of the bandits is payment information and entry into services. E-mails, passwords, documents and credit card data are among the favorite entries of bandits in this segment, as well as those involving brands such as Netflix, which appears as the seventh most used in campaigns, or PayPal, in the ninth placing.
Emails and text messages remain key phishing attack vectors
The Check Point report also highlights the appearance of Bank Raiffeisen in eighth place. The Austrian financial institution, which has a strong presence in Europe, had its name used in 3.6% of phishing attacks carried out between January and March, in yet another record that shows a large-scale campaign. In this case, the excuse was a security update on the bank accounts, from a link that sent the information entered by the customer to the criminals.
Emails and text messages remain the main attack vectors, while websites follow the official format, copying designs to trick users; the URL can also be similarly crafted to increase the scam’s appearance of legitimacy. “The best defense against phishing threats, as always, is knowledge,” points out Omer Dembinsky, manager of Check Point Software’s data research group.
For him, knowing how to recognize attempts of this type is essential. Users should avoid clicking on links received by email, social networks or messages, checking URLs of accessed sites and only delivering information or downloading when they are sure they are accessing the real pages. Spelling errors or different domains from the originals are also indications of fraudulent sites.
