Microsoft tops list of most imitated brands for phishing attempts in Q3 2020


Microsoft is number one in the list of the most imitated brands for phishing attempts to steal an individual’s personal information or payment credential in the third quarter of 2020, according to a recent report by Check Point Research.

The report showed that Microsoft accounted for 19% of phishing attempts on brands targeted by hackers in the third quarter.  A rapid increase from 7% in the previous quarter, when the tech giant was fifth on the list of the most imitated brands targeted for phishing schemes.

Phishing attempts designed to take advantage of people working from home

The phishing attempts related to Microsoft indicated that hackers are looking to capitalize on the huge numbers of workers currently working from home due to the COVID-19 pandemic.

Signup for the USA Herald exclusive Newsletter

“In this past quarter, we saw the highest increase in email phishing attacks of all platforms compared to Q2, with Microsoft being the most impersonated brand. This has been driven by threat actors taking advantage of the mass migration to remote working forced by the Covid-19 pandemic, to target employees with fake emails asking them to reset their Microsoft Office 365 credentials,” said Maya Horowitz,  Director, Threat Intelligence & Research, Products at Check Point.

Horowitz  added, “As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to from companies, such as Microsoft or Google, who are most likely to be impersonated.”

The ongoing COVID-19 pandemic changed the nature of the workplace in the United States and other countries worldwide. The technology quickly became the leading industry for fraudulent activity with banking and social media following closely. Technology’s ascension to the top spot for phishing scams further correlates with COVID-19.

Brand phishing attacks are cases where scammers utilize replica URL’s and domain names to mirror real websites and trick users into providing compromising information such as login info and bank account specifics.

Looking more closely at impersonated brands, DHL has risen to second place with 9% of phishing attempts while Google followed closely behind. The list also included Paypal and Netflix at 6%, Facebook, Apple, and WhatsApp at 5% while Amazon and Instagram at 4%.

Check Point Research is a leading cyber-security threat intelligence arm and is part of Check Point Software Technologies Ltd. Its team of over 100 analysts works tirelessly to protect users from multiple types of scams.


Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer’s guidelines here.