Facebook and Microsoft remain prime targets for spoofing

While trends in phishing frequently evolve, Facebook and Microsoft’s collective dominance as the most spoofed brands continues, according to Vade.

Microsoft spoofing attempts

Facebook and Microsoft’s collective dominance as the most spoofed brands continued into H1 2023, with the former accounting for 18% of all phishing URLs and the latter accounting for 15%.

Microsoft experienced increase in spoofing attempts

While Facebook was the clear leader, Microsoft overtook the social media giant in Q2 after experiencing a 22% QoQ increase in spoofing attempts.

Demonstrating just how popular these brands are among hackers, Facebook and Microsoft together accounted for more unique phishing URLs than the next top five brands combined (Crédit Agricole, SoftBank, Orange, PayPal and Apple).

Q2 was a record quarter for Japan-based Softbank, who ended the period as the third most impersonated brand in phishing attacks, accounting for 4591 unique URLs and experiencing a 1500% QoQ increase. At the end of H1, SoftBank ended up in the No. 4 slot behind Facebook, Microsoft and Crédit Agricole.

But SoftBank isn’t alone – US-based First Citizens Bank experienced a 4000% increase in unique phishing URLs between Q1 (12) and Q2 (502). Last but not least, France-based Crédit Agricole jumped four places to become the third most impersonated brand in H1, with QoQ increases of 170% in Q1 and 61% in Q2, respectively.

Malware volumes show slight increase in H1 2023

It comes as no surprise that the financial services industry remained the most impersonated industry in H1. The sector accounted for more than 33% of all phishing URLs, followed by the social media (22%) and cloud (21%) industries.

In addition to Microsoft, Google also made it into the list of the top 10 most impersonated brands in H1, which is unsurprising given the popularity of both of their productivity suites, Microsoft 365 and Google Workspace. In Q2 alone, Vade uncovered two attacks targeting Microsoft 365 users and two attacks exploiting Google services, including YouTube and Google Translate.

In Q1 and Q2 2023, more financial services brands were among the top 25 most impersonated brands than in any quarter in the past 3 years. Malware volumes increased slightly from H2 2022 (111.4 million) to H1 2023 (112.3 million).

January saw the highest volume of phishing emails, while February saw the lowest. Facebook accounted for 85% of the social media sector’s phishing URLs.

Don't miss