Brand Phishing 2025
2025-05-19 03:55:23

Check Point Research Reveals Brand Phishing Trends for Q1 2025

Overview of Brand Phishing in Q1 2025


In the ever-evolving landscape of cyber threats, Check Point Research has released its latest report on brand phishing for the first quarter of 2025, spotlighting how cybercriminals disguise themselves using trusted brands to steal sensitive information. This report discusses the brands most frequently impersonated in phishing attacks and highlights the rising trends in digital threats.

In this quarter, Microsoft continued to dominate the phishing landscape, being the most impersonated brand with a staggering 36% of total phishing attacks. Following closely, Google climbed from third place to second with 12%, while Apple maintained its position in the top three with 8%. Most notably, Mastercard re-emerged into the top ten after falling out since Q3 2023, landing in fifth place.

Industry Distribution of Phishing Attacks


The report indicates that the technology sector faces the highest incidence of brand impersonation, with social media and retail sectors also experiencing significant attacks. This shift underscores the need for consumers to remain vigilant, especially when interacting with brands that handle sensitive financial information.

Omer Dembinsky, Check Point’s Data Research Manager, stated, "Phishing attacks that leverage trusted brands remain a substantial threat. Mastercard's resurgence in the rankings highlights an increase in fraudulent attempts targeting financial services. Consumers must remain cautious when using online services, particularly involving sensitive financial data."

Top Brands Targeted by Phishing Attacks


The following brands were the most impersonated during the first quarter of 2025:
1. Microsoft (36%)
2. Google (12%)
3. Apple (8%)
4. Amazon (4%)
5. Mastercard (3%)
6. Alibaba (2%)
7. WhatsApp (2%)
8. Facebook (2%)
9. LinkedIn (2%)
10. Adobe (1%)

The Surge in Phishing Attacks Targeting Mastercard Users


A particularly alarming trend observed in Q1 2025 was the significant increase in phishing attacks targeting Mastercard users. In February, cybercriminals launched fake websites mimicking the official Mastercard site, primarily targeting users in Japan. The purpose of these fraudulent sites was to steal sensitive data such as credit card numbers and CVVs. Some confirmed malicious domains included:
  • - mastercard-botan[.]aluui[.]cn
  • - mastercard-pitiern[.]gmkt6q[.]cn
  • - mastercard-orexicible[.]bvswu[.]cn
  • - mastercard-transish[.]gmkt7e[.]cn

Although these fraudulent sites have since been taken down, the appearance of Mastercard in the top ten demonstrates the persistent targeting of financial institutions by attackers. It serves as a reminder for users to exercise extreme caution when engaging with financial transaction-related websites.

Example of Phishing Attempt: Imitating OneDrive Login


Another significant phishing incident in Q1 2025 involved a fake login page masquerading as Microsoft OneDrive, aimed at capturing user credentials. Cybercriminals created a deceptive domain resembling the official login page, "login[.]onedrive-micrasoft[.]com". By emulating Microsoft’s branding, they attempted to deceive users into entering their email addresses and passwords.

These examples underscore the evolving tactics of cybercriminals who create authentic-looking fraudulent sites to trick users into divulging sensitive security information.

Increasing Attacks in the Technology Sector


In the first quarter of 2025, the technology sector remained the most impersonated industry. With increasing reliance on technology and cloud-based services by businesses and consumers alike, these platforms continue to attract the attention of cybercriminals. Major brands implicated in these attacks include Microsoft, Google, and Apple. Additionally, social media platforms such as Facebook, LinkedIn, and WhatsApp, along with e-commerce giants like Amazon, faced significant phishing threats.

In summary, the rising incidence of brand phishing reveals the persistent need for heightened awareness among users. By staying informed and cautious, especially when sharing sensitive information online, individuals can better protect themselves against these evolving cyber threats.


画像1

画像2

Topics Entertainment & Media)

【About Using Articles】

You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.

【About Links】

Links are free to use.