Microsoft has once again emerged as the most spoofed brand by cybercriminals for the second consecutive year, The tech giant has taken the dubious title of being the top spoofed brand, according to a report released by cybersecurity firm, CyberShield.
The CyberShield report revealed a number of key findings that shed light on the current state of cybersecurity and data breaches. Among the notable findings was the fact that the Cam4 data breach in 2020 ranked as the largest data breach, compromising a whopping 10,880 records.
Yahoo followed closely behind, securing the second position in terms of data breaches with approximately 3,000 compromised records underscoring the persistent targeting of Yahoo by cybercriminals.
The report also highlighted that Google, Yahoo, Facebook, and Outlook were among the top five most spoofed brands in 2022, alongside Microsoft and demonstrates the widespread nature of spoofing attempts against prominent technology companies.
Jonathan Merry, CEO of BanklessTimes.com said, “In the past year, we’ve seen threat actors move away from finance and e-commerce and instead are focussing their efforts on larger technology brands,“
“This is due to the fact that phishing kits are getting more intelligent and the brand being spoofed can be altered by changing a simple parameter,“ said Merry.
Asia-Pacific Region
The Asia-Pacific region accounted for the largest number of data breaches, with a notable increase from 26% in 2021 to 31% in 2022. A staggering 91% of attacks targeted Japan, emphasising the need for robust cybersecurity measures in the country.
Europe
Europe emerged as the region with the second-largest number of data breaches, with the United Kingdom accounting for 43% of these breaches. This finding highlights the importance of strengthening cybersecurity efforts across European countries.
On the other hand, the Middle East experienced a significant decrease in data breaches, comprising only 4% of the total breaches in 2022, down from 14% in the previous year.
The CyberShield report emphasises the necessity for individuals and organisations to remain vigilant in the face of online threats.
Verifying the authenticity of requests for personal information, refraining from clicking on suspicious links or downloading attachments from unknown sources, and maintaining strong, unique passwords are crucial steps to protect against spoofing attempts
Microsoft Remainds a Hot Target for Cybercriminals
Due to its widespread popularity and extensive use in enterprise environments, Microsoft remains a prime target for cybercriminals. Despite the robust security measures the company has in place, it is always a cat and mouse game with threat actors.
In a report published by Cisco in 2019, it was revealed that Microsoft Office encounters a higher number of phishing attacks compared to any other service.
Similarly, Kaspersky Lab has identified Office 365 as the primary target of phishing campaigns, with approximately 70% of attacks directed at this platform.
A report from Check Point in 2020 further supported this finding, stating that Microsoft products faced more phishing attacks than any other company during the third quarter of that year.
In August of the same year, Kaspersky highlighted Office 365 as the most frequently targeted service. During Q2 2022, there was a notable increase in the number of exploits targeting vulnerabilities in the Microsoft Office suite, accounting for 82% of the total exploits across various platforms and software, including Adobe Flash, Android, Java, and others.
