Apple has the dubious distinction of being the most imitated brand globally used in attempted phishing attacks, claims a new report.
Check Point Research’s latest Brand Phishing Report covers the first quarter of 2020. It shows that Apple was the top target for web-based phishing attacks and the second for mobile-based attacks for the first three months of the year.
Brand phishing attacks involve sneaky attempts to get users to give up their passcodes and other identifying information by thinking they are dealing with a legitimate source. That could be an email seemingly from a well-known brand, which provides a website that looks like the official one. In many cases, the goal is to steal credentials or personal information for momentary or other nefarious purposes.
Apple was used in 10% of all brand phishing attempts around the world. After Apple, other brands used in attacks included Netflix, Yahoo, WhatsApp, PayPal, Chase, Facebook, Microsoft, eBay, and Amazon. Check Point’s report notes that web phishing is the most “prominent vector” for these attacks. They account for 59% of attacks, followed by mobile phishing.
Phishing attacks are relatively unsophisticated modes of attack. Users can defend against them by using common sense. For instance, make sure that you are dealing with an official website by not clicking links in email and verifying the addresses used. Watch out for lookalike domains such as App1e or Appple. Also, be aware of dodgy “special” offers. Finally, never give identifying information over the phone or in emails. If you have any doubt, contact Apple (or the company in question) directly.
Do you have any phishing horror stories or would-be horror stories? Let us know in the comments below.