Vade announced its annual ranking of the top 20 most impersonated brands in phishing. Facebook, which was in the second spot in 2020, rose to the top spot for 2021, representing 14% of phishing pages, followed by Microsoft, with 13%.
The report analyzed 184,977 phishing pages linked from unique phishing emails between January 1, 2021 and December 31, 2021.
Financial services is the most impersonated industry
With six brands in the top 20, financial services was the most impersonated industry of 2021, representing 35% of all phishing pages, rising sharply based on its place at 28% in 2020. Chase, PayPal, and Wells Fargo join the list of the most impersonated financial services brands.
Microsoft is the most impersonated cloud brand and the top corporate brand
Microsoft is the second most impersonated brand in phishing attacks and the #1 most impersonated cloud brand, coming in just slightly behind Facebook. The report found that Microsoft phishing attacks sharply increased in sophistication in 2021, with a June attack leveraging automation to populate corporate logos and branding onto Microsoft 365 phishing pages. Joining Microsoft on the list of impersonated cloud brands are Netflix (#12) and Adobe (#15).
Facebook dominates social media phishing
Consistently ranked in the top five, Facebook once again dominated all other social media brands on the Phishers’ Favorites list. Other social media brands on the list include WhatsApp (#4) and LinkedIn (#17). Despite other social media brands lagging behind Facebook on the list, social media brands overall represented 24% of all phishing pages, compared to 13% in 2020.
Additional key findings
- 35% of all phishing pages impersonated financial services brands
- Mondays and Tuesdays are the top days for phishing
- 78% of phishing attacks occur on weekdays
- Monday and Thursday are the top days for Facebook phishing
- Thursday and Friday are the top days for Microsoft phishing