Check Point Research (CPR) has released new research examining the biggest phishing scams in the second quarter of 2024.
CPR’s ranking puts Microsoft as the most frequently imitated, appearing in a staggering 57% of messages, with Apple rising to second place with 10%.
There were also several new entries in the top 10 list, with Instagram, WhatsApp, and Adidas accounting for a combined 2.3% of threats.
Growing threats
Tech remains the most impersonated industry, with critical service providers a popular target due to often storing sensitive information such as financial information and personal data.
When impersonating Microsoft, cybercriminals will most commonly fabricate a threat to your device which needs fraud protection software to be downloaded, and ask you to follow a link or attachment. Fraudulent emails also regularly include ‘Message Failure Delivery’ notices, looking to prompt users to follow a link to a website which closely resembles the Outlook login page, tricking users into giving away their login credentials.
Similarly, Apple impersonators will often claim that a user's Apple ID has been locked or compromised, and will encourage users to follow their own link to log in to a mock login page.
Retail based phishing scams often present as fraudulent purchasing sites resembling the brand, and aim to get users to enter their payment details.
Staying alert
Phishing attacks are designed to panic users into acting quickly to follow their instructions, leading you to a fraudulent site to enter your account details.
“Phishing attacks remain one of the most pervasive cyber threats and are often the entry point for much larger scale campaigns [in] a supply chain,” warned Data Group Manager at Check Point Software, Omer Dembinsky.
Dembinsky advises users to always avoid clicking on unsolicited links, to thoroughly verify email addresses, and to use Multi Factor Authentication. If you believe you have been sent a phishing scam, UK users can forward them to the police at Action Fraud on report@phishing.gov.uk.
Acting quickly is key if you believe you have fallen victim to the scam, contacting your bank and opening an investigation into any suspicious activity.
More from TechRadar Pro
- Watch out, Android fans – this banking malware threat is masquerading as a Google Play update
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now