Phishing attacks remain a significant threat to organizations across various industries, with threat actors disguising malicious emails as legitimate messages from trusted brands, in an attempt to deceive users into divulging sensitive information or installing malware.
A multi-year survey by Cofense has highlighted phishing campaigns that spoofed trusted brands across the top 10 industries they serve – with Microsoft coming out on top as the most impersonated brand.
Cofense found 92.87% of the phishing emails it analyzed targeted Microsoft users, followed by Adobe and Webmail, accounting for 3.53% and 1.62%, respectively.
Be wary of emails from Microsoft
Microsoft spoofing is highly versatile, Cofense warned, with emails mimicking everything from Multi-Factor Authentication (MFA) requests to shared document alerts. The familiarity of Microsoft-related emails makes it easy for attackers to design convincing phishing attempts.
In finance and insurance, where there is a strong reliance on document sharing for signatures, Adobe is the second most targeted brand in this sector behind Microsoft. DHL and Meta are also common targets.
The manufacturing and mining sectors have Microsoft, Adobe, and Webmail topping the list. However, it is interesting to note that China Union Pay, a payment service in China, and South African Post Office ranks among the top five spoofed brands in this sector.
In the retail sector, Microsoft and Adobe continue to dominate, however, due to the logistical nature of the retail industry, DHL ranks third. Canada Post, a key logistics provider, also makes the list, emphasizing the focus on supply chain and delivery-related phishing campaigns.
Even in niche sectors like real estate, utilities, and transportation, Microsoft and Adobe are frequently impersonated. Instagram is also subject to impersonation, with attackers often attempting to hijack high-following social media accounts to spread scams and malware.
Microsoft and Adobe again top the list in the healthcare sector, but as this industry requires frequent use of file sharing, Dropbox and Docusign are often impersonated to trick healthcare workers into providing access to sensitive patient data.
Phishing emails often mimic legitimate messages from well-known companies, making it easier for attackers to deceive users into clicking on malicious links or providing sensitive information. It’s crucial to verify the authenticity of any unexpected emails from such brands and be on the lookout for signs of phishing, such as suspicious links, unfamiliar senders, or requests for personal information.