Hackread reports that Microsoft has been spoofed in 25% of all phishing intrusions between April and June, making it the most phished brand during the second quarter.
Most threat actors have been targeting Microsoft in phishing attacks due to its extensive userbase, which includes over 1.6 billion Windows users and nearly 321 million monthly active users of Microsoft 365, an analysis from Check Point Research revealed. Google and Apple were the next most impersonated brands as attackers prioritize the targeting of the tech industry. However, Spotify has returned to the most phished brands after more than five years following its exploitation in an attack campaign that involved a bogus website that sought users' credentials prior to redirection to a fake payment form. Intrusions involving Booking.com impersonation have also spiked, with the digital travel firm leveraged in a pair of ClickFix social engineering schemes last quarter.
