Microsoft, Facebook, PayPal named as phishers’ favorite brands of 2020

Microsoft, Facebook, PayPal named as phishers’ favorite brands of 2020

Report from Vade Secure highlights the most impersonated brands of 2020 and explores impact of pandemic on key phishing trends

Boston – February 9, 2020 – Vade Secure, the global leader in predictive email defense, has revealed the 20 brands that are most impersonated during phishing attacks.

Its annual Phishers' Favorites report for 2020 reveals that Microsoft has maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.

During the year of lockdown and remote working, cloud services overtook financial services to become the most impersonated industry, whilst cynical hackers exploited the Covid-19 pandemic and issued large numbers of fake emails promising false cures or non-existent personal protective equipment (PPE).

Vade Secure protects more than one billion mailboxes around the world, allowing it to gain an unprecedented insight into the threats facing businesses. Its filter engine detects and analyses tens of thousands of unique phishing URLs every quarter. These phishing URLs refer to the number of URLs and not the volume of phishing emails received, because hackers will often send hundreds or thousands of phishing emails containing the same URL.

Adrien Gendre, Chief Product and Services Officer at Vade Secure, said: “Organisations need to be aware that phishers and other threat actors are always looking out for new ways to target them.”

“Phishing is just one tactic used by hackers and the ever-changing popularity of well-known brands shows how cybercriminals’ tactics are constantly evolving.”

“The Phishers’ Favorites report highlights the importance of a proactive and comprehensive email security posture. Businesses should protect themselves and their clients from dynamic phishing attacks with a combination of training, technology, and vigilance.”

Microsoft is still the phishers’ favorite

Microsoft 365’s user base grew to 258 million in 2020, experiencing higher than expected growth driven by the Covid-19 pandemic. Microsoft has consistently remained at the top of Vade Secure’s Phishers’ Favorites quarterly reports, holding the #1 spot for four quarters.

The rise of Facebook and WhatsApp

Interest in Facebook has been on the rise since 2018 when Vade Secure first started tracking unique Facebook URLs. Q2 saw the biggest surge for Facebook phishing in 2020, with 4,373 unique URLs detected, for a total of 14,876 for the year.

WhatsApp made its first appearance on the Phishers’ Favorites list in Q1 2019, with a small number of phishing URLs. This changed drastically in Q4 2019, when Vade Secure detected 5,029 unique WhatsApp phishing URLs for the quarter. A spike in the number of WhatsApp spoof emails coincided with the pandemic, when social media brands became more popular among phishers.

Cloud services becomes most impersonated industry

In an abrupt change in Q2, and as businesses shifted to remote working, cloud services overtook financial services as the most impersonated industry. Microsoft, Netflix, Adobe, Apple, and Dropbox represented the most impersonated cloud services companies in the top 20. Both Google and Adobe saw growth in phishing URLs, moving up two and three spots respectively.

E-commerce phishing boom

In another major shift from 2019, e-commerce overtook social media as the third most impersonated industry. Like cloud services, e-commerce reached new heights in 2020 as shoppers went online in far greater numbers. eBay, for instance, didn’t make the top 20 list in 2019, but jumped 28 spots to #5 in 2020.  

Email security pandemic

When Covid-19 forced businesses to shift to teleworking, cybercriminals unleashed a massive wave of pandemic-themed phishing and spam emails. Capitalizing on users’ fears and anxieties, hackers sent fake emails offering facemasks and PPE as well as phishing messages that impersonated the NHS and World Health Organization.


Vade Secure helps MSPs, ISPs, and OEMs protect their users from advanced cyberthreats, such as phishing, spear phishing, malware, and ransomware. The company’s predictive email defense solutions leverage artificial intelligence, fed by data from 1 billion mailboxes, to block targeted threats and new attacks from the first wave. In addition, real-time threat detection capabilities enable SOCs to instantly identify new threats and orchestrate coordinated responses. Vade Secure’s technology is available as a native, API-based offering for Microsoft 365 or as lightweight, extensible APIs for enterprise SOCs. To learn more, please visit www.VadeSecure.com and follow us on Twitter @VadeSecure or LinkedIn https://www.linkedin.com/company/vade-secure/.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles