in blows of phishing, a common method used by criminals is to construct fraudulent messages as if they were official communications from some company. And in the fourth quarter of 2021, according to Check Point software, there have been changes in corporations that malicious actors prefer to emulate to trick victims.
According to data from Check Point Software, in the period between October and December 2021, DHL, a shipping company, was the most used brand by criminals in phishing emails. It totaled 23% of detections during the quarter.
That number from DHL was enough to unseat Microsoft, which accounted for 20% of phishing attempts in the period. This change took place because the fourth quarter corresponds to the end of the year, when consumers tend to buy much more on the internet and need the services of the transport company more.
Want to stay on top of the best tech news of the day? Access and subscribe to our new youtube channel, Kenyannews News. Every day a summary of the main news from the tech world for you!
This is confirmed by the fact that another transport and delivery company, FedEx, also appears among the 10 most used brands in phishing scams in the fourth quarter of 2021. Among the other companies mentioned in the ranking is the presence of WhatsApp, in third place – the messenger is usually among the most used to kill victims.
“It is important to remember that, above all, cybercriminals are opportunists. In their attempts to steal personal data or deploy malware on a user’s machine, criminal groups often take advantage of consumer trends by imitating popular brands,” says Omer Dembinsky, Manager of the Data Research Group at Check Point Software.
Check out the following ranking, along with the global detection percentages during the period October to December 2021:
- 1 – DHL (23%)
- 2 – Microsoft (20%)
- 3 – WhatsApp (11%)
- 4 – Google (10%)
- 5 – LinkedIn (8%)
- 6 – Amazon (4%)
- 7 – FedEx (3%)
- 8 – Roblox (3%)
- 9 – Paypal (2%)
- 10 – Apple (2%)
How to protect yourself from phishing attacks
Even though phishing is one of the oldest scams on the internet, criminals continue to use it in a variety of ways. The good news is that regardless of what kind of social engineering malicious actors are trying to trick a potential target, the prevention tips are universal. Check it out below:
- Always check for possible spelling errors. Legitimate messages usually do not contain major misspellings or poor grammar. You need to read emails carefully and report anything that seems suspicious;
- Do not click on message attachments. Cybercriminals like to include malicious attachments that contain viruses and malware as a common phishing tactic. Do not open any email attachments that you do not expect to receive;
- Check the message signature. The lack of details about the signer or how the user can contact a company suggests phishing. Legitimate companies always provide contact details and details;
- Be careful with the tone of the message—urgent or threatening—in the subject line. Invoking a sense of urgency or fear is a common tactic for these scams. Be aware of possible threats of deactivated accounts or loss of benefits;
- Always share as little information as possible. Do not provide personal or confidential company information. Most companies will never ask for personal credentials via email, especially banks. Please carefully review before disclosing any confidential information via email.
