Microsoft, Facebook and Crédit Agricole stars of phishing campaigns

Phishing attacks know no holidays. In its latest report, cybersecurity company Vade singles out Crdit Agricole as the most impersonated French brand in the world. Microsoft and Facebook topped the rankings.

Specialized in securing messaging, Vade is in the front row to have an exhaustive view of phishing campaigns. In its report entitled Top 25 Phishers’ Favorites, it lists the 25 brands most impersonated in these attacks, orchestrated during the first half of the year. Microsoft takes the top spot, with 11,041 phishing URLs impersonating the brand. “Its ubiquity in the cloud (it has more than 240 million professional users of its Microsoft 365 platform) still makes it an irresistible target that attracts hackers from all over the world. This first place, Microsoft owes it to a 266% increase in the number of phishing URLs in the 1st quarter” reports Vade.

We find French companies such as Crédit Agricole (ranked 3e), Orange (rated (5e), La Banque Postale (9e), or even OVH (20e) among the 25 most affected companies. The social networks Facebook and WhatsApp also appear, respectively in positions 2 and 4. Facebook is in fact hot on the heels of the Redmond firm with 10,448 URLs, after a 177% increase in phishing URLs borrowing its identity in the second quarter. The network, which has about 2.93 billion active users, is a veritable windfall of data for hackers. It is the most used social network in the world.

Ranking of the most impersonated companies in the case of phishing attacks in the 1st half of 2022. (Credit: Vade)

Financial services, sector n°1 of phishing attacks

With four French companies listed in this ranking, including two from financial services and two companies specializing in telecommunications/Internet, hackers are increasingly diversifying on a global scale. Thus, financial services are the main sector affected by phishing in the 1er half of 2022. 8 of its representatives are thus ranked in this top 25, namely Crédit Agricole, MTB, PayPal, La Banque Postale, Chase, Credit Saison, Wells Fargo and ING. The usurpation of financial services brands exploded during this semester: Crédit Agricole (+203%), MTB (+332%), PayPal (+305%) and La Banque Postale (+143%).

The finance sector comes first. (Credit: Vade)

This sector accounts for 34% of unique phishing URLs detected by Vade. Next come the cloud and internet/telecom sectors which each account for 19% of phishing URLs. 6 companies from the cloud sector are in the ranking: Microsoft therefore ranks 1erGoogle 10th,Netflix 13thAdobe 21th and Docusign 25th. They are followed by social networks (17%) and e-commerce (10%). The government sector brings up the rear with only 1%.

A peak at 1er semester

Finally, note that the report points to a much higher number of phishing attacks in the first quarter with 81,447 unique phishing URLs, compared to 53,198 in the 2th trimester. A very marked peak for some firms. Among them, Google shows the most notable increase (873%), followed by Apple (737%) and Instagram (683%). Microsoft-related phishing increased 266% in 1er quarter, while phishing targeting Facebook fell 12%. The social network is also the only brand in this top 25 to have recorded a drop in phishing URLs to 1er trimester.

Weekdays remain favored by attackers at 1er semester, the majority of phishing URLs were detected between Monday and Wednesday. The end of the week is considered quieter. (Credit: Vade)

In detail, here are the analyzes made for the first two quarters: on 1er quarter, hackers were particularly active on Tuesday and Wednesday. In the 2nd quarter, they preferred Monday and Tuesday.

Leave a Comment