According to researchers at Check Point, DHL was the most spoofed company in phishing campaigns in the fourth quarter of 2021, pushing Microsoft to number two. The researchers attribute this jump to the holiday shopping that is typically done around that time. Since DHL is an international shipping company, that is likely the reason threat actors began spoofing it. The lures used in these campaigns range from packages that are stuck at customs to embedded tracking numbers. The top ten spoofed companies were:
- DHL (related to 23% of all phishing attacks globally)
- Microsoft (20%)
- WhatsApp (11%)
- Google (10%)
- LinkedIn (8%)
- Amazon (4%)
- FedEx (3%)
- Roblox (3%)
- PayPal (2%)
- Apple (2%)
Analyst Notes
Companies should be aware of the most common types of phishing campaigns in order to tailor their security controls. Employees should receive proper training, which includes teaching them never to use their company email to sign up for personal services that are not business-related, and never to re-use their corporate password to sign up for any other online service. Monitoring should also be in place to quickly identify threats in case an employee falls for a phishing campaign. Reporting processes should be defined so employees understand whom to contact if they believe they were a victim of a phishing campaign.
https://www.bleepingcomputer.com/news/security/dhl-dethrones-microsoft-as-most-imitated-brand-in-phishing-attacks/