Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.
Criminals launching impersonation phishing attacks prefer to spoof business-related apps from Microsoft, Zoom, and DocuSign, researchers report in a new email security survey.
Enterprise applications are spoofed in 45% of impersonation phishing attacks, GreatHorn researchers say. Social media-related apps such as Facebook, LinkedIn, and Twitter are seen in 34% of these attacks, and consumer apps such as Amazon and PayPal are seen in 20%, they note.
Email security is the top priority for IT and security teams this year, they report, but only 9% of respondents are most worried about brand impersonation attacks. Most (22%) say their greatest concern is people impersonation attacks, in which fraudsters send emails pretending to come from executives, vendors, or human resources or finance teams. Other top concerns include payload attacks (21%) and wire transfer requests (14%).
It's worth noting that phishing campaigns rarely use one technique, researchers say. More common are multipronged attacks that may prompt an email recipient to click a link and/or download an attachment, all while pretending to be from a person or brand.
Access the full report here for more details.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024