Facebook and Microsoft are the Most Impersonated Brands in Phishing Attacks

Vade's phishing and malware report reveals phishing volumes increased by more than 54% in H1 2023.

July 13, 2023

3 Min Read


SAN FRANCISCO, July 13, 2023 /PRNewswire/ — Vade, a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response, today released its H1 2023 Phishing and Malware Report. The research reveals the top 10 most impersonated brands in phishing in H1 2023 and details phishing and malware trends in the first half of the year. Facebook landed in the No. 1 spot for the most impersonated brand in H1, followed by Microsoft. Rounding out the top 5 are Crédit Agricole, SoftBank and Orange.

Facebook and Microsoft continue their dominance as the most impersonated brands

Facebook and Microsoft's collective dominance as the most spoofed brands continued into H1 2023, with the former accounting for 18% of all phishing URLs and the latter accounting for 15%. While Facebook was the clear leader, Microsoft overtook the social media giant in Q2 after experiencing a 22% QoQ increase in spoofing attempts. Demonstrating just how popular these brands are among hackers, Facebook and Microsoft together accounted for more unique phishing URLs than the next top five brands combined (Crédit Agricole, SoftBank, Orange, PayPal and Apple).

Financial services remains the most impersonated industry

Q2 was a record quarter for Japan-based Softbank, who ended the period as the third most impersonated brand in phishing attacks, accounting for 4591 unique URLs and experiencing a 1500% QoQ increase. At the end of H1, SoftBank ended up in the No. 4 slot behind Facebook, Microsoft and Crédit Agricole. But SoftBank isn't alone – US-based First Citizens Bank experienced a 4000% increase in unique phishing URLs between Q1 (12) and Q2 (502). Last but not least, France-based Crédit Agricole jumped four places to become the third most impersonated brand in H1, with QoQ increases of 170% in Q1 and 61% in Q2, respectively.

It comes as no surprise that the financial services industry remained the most impersonated industry in H1. The sector accounted for more than 33% of all phishing URLs, followed by the social media (22%) and cloud (21%) industries.

Phishing attacks continue to target Microsoft and Google

In addition to Microsoft, Google also made it into the list of the top 10 most impersonated brands in H1, which is unsurprising given the popularity of both of their productivity suites, Microsoft 365 and Google Workspace. In Q2 alone, Vade uncovered two attacks targeting Microsoft 365 users and two attacks exploiting Google services, including YouTube and Google Translate. Research on these attacks and more can be found on Vade's blog.

Additional highlights from the H1 2023 Phishing and Malware report include:

  • In Q1 and Q2 2023, more financial services brands were among the top 25 most impersonated brands than in any quarter in the past 3 years

  • Malware volumes increased slightly from H2 2022 (111.4 million) to H1 2023 (112.3 million)

  • January saw the highest volume of phishing emails, while February saw the lowest

  • Facebook accounted for 85% of the social media sector's phishing URLs

Read the full H1 2023 Phishing and Malware Report here.

About Vade

Vade is a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response. Vade's products and solutions protect consumers, businesses, and organizations from email-borne cyberattacks, including malware/ransomware, spear phishing/business email compromise, and phishing.

Vade is a fast-growing, channel-first company with a growing network of MSP and MSSP partners, as well as distribution agreements with leading distributors and aggregators in North America, EMEA, and Asia. Founded in 2009, Vade protects more than 1.4 billion corporate and consumer mailboxes and serves the ISP, SMB, and MSP markets with award-winning products and solutions that help increase cybersecurity and maximize IT efficiency.

To learn more, please visit www.vadesecure.com and follow us on Twitter @vadesecure or LinkedIn https://www.linkedin.com/company/vade-secure/.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights