For the first time ever, PayPal has overtaken Microsoft as the most impersonated brand by phishers.
The news comes by way of the Vade Secure “Phishers’ Favorites Report” which lists, every quarter, the top 25 most impersonated brands by phishers worldwide.
The report measures the number of unique phishing URLs that link to brand impersonation sites and ranks them accordingly.
Microsoft, which had held the top spot for all five quarters the report has been running, was finally knocked off its thrown by PayPal, which saw an incredible 180 new phishing URLs each day in Q3 2019. During the same period, Microsoft saw around 150 unique phishing URLs per day.
With over 280 million active PayPal accounts, the online payment giant has become a very profitable tool for phishers.
Phishers show no signs of slowing
Phishing attacks worldwide continue to climb at an alarming rate, the Anti-Phishing Working Group (APWG) reported record levels of phishing activity in Q3 2019. The consortium, which consists of over 3,200 members and 1,700 organisations directly affected by phishing attacks or providing counter phishing/social engineering services detected 266,387 phishing sites between July and October of 2019, almost twice the number detected during the same period last year. This also marks a 46% increase from the previous quarter, showing signs of significant acceleration.
This is the worst period for phishing that the APWG has seen in three years, since the fourth quarter of 2016
Greg Aaron – APWG Senior Research Fellow and President of Illumintel Inc
As the threat from phishing attacks continues to grow, it becomes increasingly essential for organisations to educate their users on the dangers of email-borne attacks. Security Awareness Training (SAT) and simulated phishing campaigns remain the most cost-effective and efficient method of reducing an organisations’ cyber threat surface.
At Phishing Tackle, we believe online security is a necessity, not a luxury afforded to only the largest organisations. We’ve even created a free test which allows you to see how many of your users would be susceptible to a phishing attack, a tool we call the Click-Prone® Test.
Act swiftly, malicious actors are targeting organisations of all sizes, your users are your first and last line of defence.