Check Point Research Q1 2024 Results- Microsoft, Google, and Linkedin Topped the List; Airbnb is a New Entry

Check Point Research has released the latest report enlisting the top 10 phishing brands for Q1 2024. Microsoft topped the list, with 38% of phishing attacks targeted at it, while Google and LinkedIn experienced 11% of attacks each. What’s surprising is Airbnb’s entry with 1% of attacks; this could be due to the seasonal holiday surge, specifically among travelers preferring to stay at unique accommodations.

Here’s the list-

1. Microsoft (38%)
2. Google (11%)
3. LinkedIn (11%)
4. Apple (5%)
5. DHL (5%)
6. Amazon (3%)
7. Facebook (2%)
8. Roblox (2%)
9. Wells Fargo (2%)
10. Airbnb (1%)

The DHL Phishing Email Scam

DHL EXPRESS was targeted when threat actors sent deceptive emails that looked like they were coming officially from the company. Bad actors sent emails from message-system-express@shipping.com, requesting urgent action from recipients, and included the subject line “Important: Latest Information Regarding DHL Shipments” to come off as important.  

The email had a phishing link to a fraudulent website that claimed to be DHL’s official platform. It showed a simulated shipping process for a parcel that was tagged as ‘pending’ and asked for a small amount to resume its movement in transit. 

Deceptive Emails from Microsoft

Hackers launched a phishing campaign where a variety of false emails were sent to deceive recipients with subject lines like “Message Failure Delivery Notice,” “Outlook Info Replacement,” “Annual Leave Compliance Report for 2024” and “Please Complete: Invoice from DocuSign Electronic Signature Service.”

The emails included links to injected and cloned websites that looked like Outlook’s official pages and requested visitors to enter login credentials. Their credentials were then used to extract personal details, posing a security threat. 

To avoid being a victim of such attacks, we encourage you to always verify the email sender’s address, hover over links to check their destination before clicking, be cautious of urgent or suspicious requests for personal information, and bolster your phishing protection.

Other Trends in the Report

• The first quarter of 2024 registered a 28% increase in the average number of cyberattacks per organization as compared to the fourth quarter of 2023. 
• Europe recorded a staggering 64% surge in ransomware instances, followed by Africa, which saw 18% of such attacks. Unfortunately, North America suffered the highest impact, with 59% out of close to 1000 published ransomware attacks.
• The education and research industry reflected a blowing average of 2454 attacks per organization per week.
• The communication sector registered the highest year-on-year increase of 177% in ransomware incidents, although it accounted for only 4% of reported attacks in Q1 2024. This steep surge is anticipated to emerge from the sector’s rapid digital transformation. Experts also believe that vulnerabilities have expanded due to the integration and growth of 5G and IoT devices.

Some common cybersecurity practices like securing emails with DMARC, educating employees on reading red flags, getting rid of old devices, establishing firewalls, restricting access to critical information to only managers and CXOs, etc., help stay out of threat actors’ radar.