Brands Most Commonly Spoofed by Phishers Revealed

Vade Secure has released a new report detailing the brands most commonly targeted by phishers in North America. The Phishers’ Favorites Top 25 list reveals the most commonly spoofed brands in phishing emails detected in Q3, 2018.

For the latest report, Vade Security tracked 86 brands and ranked them based on the quantity of phishing attacks in which they were impersonated. Those 86 brands account for 95% of all brand spoofing attacks in Q3, 2018. Vade Secure notes that there has been a 20.4% increase in phishing attacks in Q3.

As was the case the previous quarter, Microsoft is the most targeted brand. Phishers are attempting to gain access to Office 365, Azure, and OneDrive credentials. If any of those login credentials can be obtained, the attackers can plunder accounts and steal confidential information, and in the case of Office 365, use the email accounts to conduct further attacks on individuals within the same organization or use contact information for external spear phishing attacks. Vade Secure has recorded a 23.7% rise in Microsoft phishing URLS in Q3.

The extent to which Microsoft is targeted is clearly demonstrated in the graph below:

In second place is PayPal, the leading spoofed brand in the financial services. Here the aim is simple. To gain access to PayPal accounts to make transfers to accounts controlled by criminals. There has been 29.9% growth in PayPal phishing URLs in Q3, 2018.

Netflix phishing scams have increased considerably in Q3, 2018. Vade Secure notes there has been 61.9% growth in the number of Netflix phishing URLs. The aim of these campaigns is to gain access to customers credit card details, via threats of account closures that require verification using credit card details, for example. The increase in Netflix phishing attacks saw the brand rise to third place in Q3.

Bank of America and Wells Fargo scams round out the top five, which had 57.4% and 21.5% phishing URL increases respectively. While down in 7th place overall, Chase bank phishing scams are noteworthy due to the massive increase in phishing attacks targeting the bank. Q3 saw a 352.2% increase in Chase bank phishing URLs, with a similar rise – 359.4% – in phishing attacks spoofing Comcast. The highest growth in phishing URLs was for CIBC. Vade Security reports there was a 622.4% increase in detected phishing URLs, which raised the Canadian Imperial Bank of Commerce up 14 spots in the ranking to 25th place.

The report also shows that phishers favor Tuesdays and Thursdays for attacks targeting business users, while Netflix phishing scams most commonly take place on a Sunday. Vade Secure’s research also revealed phishers are now using each phishing URL for a shorter period of time to avoid having their emails blocked by email security solutions.

As a result, more emails are delivered to inboxes, highlighting the importance of raising security awareness of the workforce.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of