Freely subscribe to our NEWSLETTER

According to the data presented by the Atlas VPN team, Microsoft and Zoom were the most commonly impersonated companies in the phishing attacks in 2020. In total, 80% of all last year’s brand email phishing campaigns imitated Microsoft or Zoom to scam victims.

The numbers are based on data gathered by INKY, which recorded 591,293 brand impersonation phishing campaigns in 2020, out of which 40,906 were unique. A single campaign is defined as being from the same sender domain and authentication source and having more or less the exact text, links, and attachments. It means that a single campaign can represent hundreds or even thousands of emails sent by cybercriminals.

Multinational technology company Microsoft was a definite leader over the other brand impersonators. The brand was used in a whopping 28,536 unique phishing attempts accounting for 70% of all last year’s brand phishing campaigns.

However, Zoom, which exploded in popularity amid the pandemic when all the industries turned to remote video communication tools, came in second. It was exploited in 3,803 brand phishing campaigns, which constitute more than 9% of all such attempts.

The third spot in the list is occupied by the world’s largest online retailer Amazon. Amazon brand name was used in 2,747 or nearly 7% of all phishing campaigns impersonating well-known brands.

Up next is American national bank Chase Bank. The financial institution’s name was taken advantage of in 960 campaigns, which make up over 2% of last year’s brand phishing attempts.

Chase Bank is closely followed by RingCentral, a cloud-based phone system provider. RingCentral’s name was utilized in 807 or nearly 2% of brand impersonation phishing campaigns of 2020.

Other brand names that made it to the top ten include internet fax service provider eFax, financial software provider Intuit, American healthcare company CVS, multinational financial services corporation American Express, as well as streaming platform and production company Netflix. Each of the mentioned company names was abused in around 1% of all brand phishing email campaigns last year.

In total, over 12% of all last year’s phishing emails used brand impersonation as their tactics.
Technology was the most impersonated industry of 2020

With the eruption of the global pandemic, most of our lives transferred online, and cybercriminals were quick to take advantage of the situation by launching new scam schemes and phishing attacks. When it comes to the latter, fraudsters favored brands and industries that people relied on the most during the pandemic.

With Microsoft being the most phished brand, it is not surprising that the technology sector dominated phishing emails last year. Companies in the technology sector, such as Microsoft, Netflix, DocuSign, LinkedIn, Apple, Dropbox, and ADP, were used in close to 72% of all phishing campaigns that imitated existing brands.

The technology sector is followed by the telecommunication industry. Names of telecommunication industry leaders, such as Zoom, RingCentral, eFax, Xerox, and AT&T, were taken advantage of in 14% of such phishing attempts in 2020.

Meanwhile, companies’ names in the retail industry were utilized in 8.5% of such phishing attempts in 2020. Notable brands include the already mentioned Amazon and CVS, as well as Sam’s Club and Walmart.

Finance was another sector favored by phishers. It was exploited in approximately 6% of all brand phishing attempts in 2020. Financial institutions such as Chase Bank, Intuit, American Express, PayPal, Citibank, and Bank of America were among the criminal’s favorites.

Finally, brands in the logistics sector, such as USPS, DHL, and FedEx, were also abused. However, phishing campaigns impersonating logistics companies made up less than 1% of all brand phishing attempts last year.