Cyber crooks rely on two time-tested methods to con users online — trick them into using a phishing website; and make them reveal their credentials.

Microsoft and Google, the leading digital technology platforms globally, have been the most counterfeited brands in the first quarter of 2024, according to Check Point Research’s brand phishing ranking. It reports that Microsoft remains the most counterfeited brand in phishing attacks at 38 per cent.

Brand phishing attack

In a brand phishing attack, criminals fake the official website of a well-known brand by using a similar domain name or URL and web page design. The phishing link will be sent to targeted individuals by email or text message, tricking them to open the link and share their personally identifiable information and financial credentials.

The fake website often contains a form intended to steal such personal information.

Google fakes figured in 11 per cent of brand phishing attempts, followed by professional social networking platform LinkedIn.

Targeted brands

Airbnb, the hospitality aggregating firm, appears in the list for the first time, figuring in one per cent of attacks. “This shows the adaptability of cybercriminals in their choice of imitated brands,” the report said.

The top-10 ranking includes Apple (5 per cent); DHL (5 per cent); Amazon (3 per cent); Facebook (2 per cent); Roblox (2 per cent); and Wells Fargo (2 per cent).

“In light of the persistent threat posed by brand impersonation, it is imperative for users to maintain a heightened level of vigilance and exercise caution when engaging with emails or messages purportedly from trusted brands,” Omer Dembinsky, Data Research Group Manager at Check Point Software, said.

“By remaining vigilant and adopting proactive cybersecurity practices, individuals can mitigate the risk of falling victim to cybercriminal tactics,” he said.