The data on phishing is increasingly worrying. According to Proofpoint’s State of the Phish Report 2022, as many as 54% of these attacks end in a customer data breach. Meanwhile, 48% directly affects their credentials and accounts. Overall, 83% of organizations reported experiencing in the past year a successful phishing attack.
Among the most affected companies is the logistics company DHL. The rise of e-commerce and parcel services have made the company the most supplanted in the third quarter of 2022, accounting for 22% of phishing attacks globally according to Check Point Research, the Check Point Threat Intelligence division Software Technologies. DHL has the dubious honor of replacing Linkedin, which was the most imitated in the first two quarters of the year.
“It is important that users check their shipments directly on the company’s official website. No email to trustespecially those that ask for information to be shared,” said Omer Dembinsky, director of Check Point Software’s Data Research Group.
The brands preferred by phishing
DHL is followed microsoft, which ranks second on this list with 16% of these attempts. And Linkedin, with 11% ranking third among the most supplanted companies.
The rest of the brands with the most phishing attacks are Google, with 6% of the total worldwide. They are followed by other companies under the microscope of cybercriminals, such as: Netflix (5%), WeTransfer (5%), Walmart (5%), WhatsApp (4%), HSBC (4%) and Instagram (3%). In the case of the latter, it is the first to appear in the top ten, which is why hackers have steadily increased their attempts at cyberfraud in the social network based on photos and videos in recent months.
DHL already issued a statement last summer where it warned that it was being targeted by «a major global scam and phishing attack«. And he claimed to be working seriously to block fraudulent websites and emails from the Internet. According to the data, these efforts have not been as successful as the well-known logistics company would like.
DHL warned users that they could be in danger if they received a message telling them that they had not been able to receive a package. In it, cybercriminals requested personal information and a means of payment.
As a rule, in these phishing campaigns, cybercriminals encourage their victims to fill out a form with confidential information to claim your verification badge, thus exposing all your data to carry out these social engineering attacks.
