According to the data presented by the Atlas VPN team, Amazon topped the list as the most impersonated brand in email phishing attacks worldwide last year. In total, 17.7% of brand phishing emails used Amazon’s brand name.
The trillion-dollar brand is closely followed by the world’s leading logistics company DHL and a cloud-based electronic signature technology provider DocuSign, each accounting for 16.5% and 12.7% of the brand phishing campaigns, respectively.
Cybercriminals choose to impersonate big brands to lower the guard of their potential victims. Email phishing attacks lure targets to open links to malicious websites designed to infiltrate malware or steal data.
Digital payment service provider PayPal occupies the fourth spot on the list. Last year, the brand’s name was used in 5.7% of brand impersonation emails.
Next up is the world’s largest professional online network LinkedIn. LinkedIn’s name was abused in 3.5% of brand phishing campaigns.
Other brands in the top ten include Microsoft (3%), web hosting company 1&1 (2.5%), British telecommunications services provider O2 (2.3%), the social media giant Facebook(2.2%), and British banking group HSBC (1.8%).
Cybersecurity writer and researcher at Atlas VPN Ruta Cizinauskaite shares her thoughts on brand phishing attacks: “Brand phishing attacks are especially damaging as they hurt not only the victims that fell for the attack but also the reputation of brands that have been spoofed. There is not much organizations can do to prevent cybercriminals from exploiting their brands. However, email users can protect themselves against phishing attempts by taking matters into their own hands.”