(Source – Shutterstock)

LinkedIn is still the most imitated brand in phishing scams

As the most used professional networking social media platform in the world, it is not surprising that LinkedIn has once again emerged as the most imitated brand in the second quarter of 2022.

LinkedIn, which is mostly used by professionals to communicate with each other, develop leads and such, has about 66.8 million users in the United States alone and millions more around the world.

According to Check Point Research’s (CPR) Brand Phishing Report for Q2 2022, while LinkedIn’s share has dropped slightly; down from 52% in Q1 to 45% of all phishing attempts in Q2, this is still a worrying trend that highlights the ongoing risks facing users of the trusted social media platform. Social networks generally continue to be the most imitated category, followed by technology which, this quarter, took over second place from shipping.

The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials over the quarter.

Apart from LinkedIn, Microsoft also experienced a 13% increase in all brand phishing attempts, more than double the amount in the previous quarter, and edged DHL into third place with 12%. Some new brands entering the top 10 were Adidas, Adobe, and HSBC.

Below are the top brands ranked by their overall appearance in brand phishing attempts:

  1. LinkedIn (45%)
  2. Microsoft (13%)
  3. DHL (12%)
  4. Amazon (9%)
  5. Apple (3%)
  6. Adidas (2%)
  7. Google (1%)
  8. Netflix (1%)
  9. Adobe (1%)
  10. HSBC (1%)

What’s worrying is the scams related to Microsoft as they pose a danger to both individuals and organizations. The report highlighted a specific example of an Outlook phishing email luring users to a fraudulent Outlook web page with the subject line: “[Action Required] Final Reminder – Verify your OWA Account now”, asking the victim to enter their login credentials.

The malicious email which was sent with the subject “[Action required] Final Reminder – Verify your OWA Account now (Source – Check Point Research)

For LinkedIn-based phishing campaigns, scammers imitated the style of communication of the professional social media platform with malicious emails using subjects like: “You appeared in 8 searches this week” or “You have one new message” or “I’d like to do business with you via LinkedIn.” Although appearing to come from LinkedIn they used an email address that was completely different from that of the brand.

Fraudulent page to verification LinkedIn account information (Source – Check Point Research)

Omer Dembinsky, Data Research Group Manager at Check Point Software highlighted that phishing emails are a prominent tool in every hacker’s arsenal as they are fast to deploy and can target millions of users at a relatively low cost. He added that they allow cybercriminals to leverage the reputation of trusted brands to give users a false sense of security that can be exploited to steal personal or commercial information for financial gain.

“The criminals will use any brand with sufficient reach and consumer trust. Hence, we see hackers expanding their activities with the first appearance of Adidas, Adobe, and HSBC in the top 10. The hackers trade on our trust in these brands and that very human instinct for ‘the deal.’ There’s a reason the hackers continue to use brand-based phishing. It works. So, consumers need to act with caution and look out for tell-tale signs of fake email, like poor grammar, spelling mistakes, or strange domain names. If in doubt, head for the brand’s own website rather than clicking any links,” commented Dembisky.

Brand phishing attacks not only take advantage of implicit trust in a familiar brand, adopting its brand imagery often using a similar URL, but it also plays on human emotions, like the fear of missing out on a discount. CPR explained that the sense of urgency this creates leads consumers to click in haste without first checking if the email is from the brand in question.

As such, this could lead to them inadvertently downloading malware or handing over precious personally identifiable information which can give criminals access to their entire online world and potential financial loss.