Apple was the most imitated brand in phishing attempts in Q1 2020
Apple was the most imitated brand in web-based phishing campaigns in the first quarter of 2020, new research shows.
An example of a fradulent Apple phishing page. Credit: Malwarebytes Lab
Phishing remains one of the most popular tactics for cybercriminals and other bad actors to steal data or money across through fraudulent links sent via email, text or web browser redirects.
According to a new report from cybersecurity firm Checkpoint, web-based phishing campaigns remained the most popular in Q1 2020, accounting for 59% of attempts. Apple ranked as the most imitated brand for the category, followed by Netflix, PayPal, and eBay.
Apple's jump from 7th place in the fourth quarter of 2019 to first place in Q1 2020 may have been the result of phishing campaigns attempting to take advantage of the buzz surrounding unreleased Apple products, Checkpoint theorizes.
Due to the ongoing coronavirus pandemic, there are a few other notable changes. Mobile-based phishing detections became the second most common attack vector, up from third place in Q4 2019, likely due to more users working from home. Previously, email ranked in second place.
Services commonly used in both at-home leisure and work, like PayPal and Netflix, also saw a boost in popularity between the Q4 2019 and the beginning of Q1 2020.
Checkpoint notes that the total number of brand-based phishing attempts remained stable between Q4 2019 and Q1 2020.
Earlier in April, the U.S. and U.K. governments warned citizens against clicking on any suspicious links to supposed relief websites.
An example of a fradulent Apple phishing page. Credit: Malwarebytes Lab
Phishing remains one of the most popular tactics for cybercriminals and other bad actors to steal data or money across through fraudulent links sent via email, text or web browser redirects.
According to a new report from cybersecurity firm Checkpoint, web-based phishing campaigns remained the most popular in Q1 2020, accounting for 59% of attempts. Apple ranked as the most imitated brand for the category, followed by Netflix, PayPal, and eBay.
Apple's jump from 7th place in the fourth quarter of 2019 to first place in Q1 2020 may have been the result of phishing campaigns attempting to take advantage of the buzz surrounding unreleased Apple products, Checkpoint theorizes.
Due to the ongoing coronavirus pandemic, there are a few other notable changes. Mobile-based phishing detections became the second most common attack vector, up from third place in Q4 2019, likely due to more users working from home. Previously, email ranked in second place.
Services commonly used in both at-home leisure and work, like PayPal and Netflix, also saw a boost in popularity between the Q4 2019 and the beginning of Q1 2020.
Checkpoint notes that the total number of brand-based phishing attempts remained stable between Q4 2019 and Q1 2020.
Earlier in April, the U.S. and U.K. governments warned citizens against clicking on any suspicious links to supposed relief websites.
Comments
Wasn't surprised.
The grandma who has a Samsung Galaxy "iPhone" does not think twice when "Apple" sends her a legit-looking email.
Apple needs a standard login format (FaceID?) for their devices. This may help grandmas from getting scammed. *
*Never mind, I don't think this way alone will work since external sites will not be mandated to this info and will still trick grannies.
The BEST thing you can do is turn on 2-Factor!!! Because even if you were dumb enough to fall for the whole fake web page log-In screen used to steam your log-in credentials. Without that second factor, they are stopped in their tracks!!! Even if you gave them your 6 digit code, unless it was used within a minute, that code would have changed and now they are back to being locked out of your account.
I had someone from CHINA somehow got my old password which was used at a few places. That person was stopped in their tracks when my iPhone popped up a Box saying someone was trying to gain access to my account, showing a small map of China, with a Allow or Deny Box. Of course I denied!!!! If I didn't have 2 factor turned on, they would have had full access to my Apple Account and done all kinds of things. Like copying all my pictures, or worse.
Of course after that I updated my Password to something really LONG and used no where else. I'm slowly working on changing my passwords everywhere else to long use one once passwords. This is where you really NEED a password manager. I use Lastpass. I got a Family Account and have my Dad on that to use, and helping him with turning on 2-Factor at places, at least the really important places. your e-mail account for example. Someone gains access to that, now they can just do a password recovery for your other places and gain access to them. He has his Facebook account hacked a few times. So 2-Factor is turned on there now, along with better, random password. His bank, I got it turned on.
So make sure to use a long, Random password. I let LastPass generate a 20 or so digit one. Different for each site. So if one place gets hacked, they can't gain access to anywhere else you may be at. Turn on 2-Factor everywhere you can. I even have it on for Amazon. So if you get suckered into being Phished, it's not the end of the world, as they still can't gain access because of that second factor. Then when you realize what happened, you can go in and change your password to something new and Lastpass will update it's self. If I can get my 72 year old Dad to get on this page, you should be able to do it.