Facebook, Microsoft, Google Most Targeted by Phishing Impersonation

Facebook, Microsoft and Google come up as the top brands susceptible to impersonation by phishing attacks last year. Vade has released its annual report, Phishers’ Favorites, highlighting these key phishing trends. In 2022, the brands that made the list accounted for more than 274,600 unique phishing websites, compared to nearly 185,000 in 2021.

Facebook Leads the Pack

Facebook was the top impersonated brand, edging out Microsoft. With more than 25,000 uniquely branded phishing websites, Facebook represented 9% of total phishing from this year’s list. Microsoft finished as runner-up for the second year in a row. It represented 9% of all phishing websites but accounting for nearly 2,000 fewer than Facebook. Like 2021, Microsoft remains the most impersonated brand in the corporate market, according to the report.

The sharp increase in phishing websites impersonating Facebook coincided with a tumultuous second half of the year for the company. There was a slowing growth in active users and advertising revenue. This led to a marked decline in the company’s stock price and substantial layoffs.

The turmoil surrounding Facebook appeared to bolster its appeal among phishers. The company retained its position as the chief target of parent company Meta, which also owns WhatsApp and Instagram. These were two perennial phishers’ favorites that made this year’s top 20. The three Meta brands accounted for 42,342 unique phishing pages collectively, a staggering total despite a slight dip from 2021 (43,169).

Facebook phishing schemes come in a variety of forms, including false account restriction notifications to security requests. These direct users to malicious pages designed to harvest user credentials.

Google Gets Third Place

Google jumped into the No. 3 spot with 1,560% year over year growth in phishing pages. This was the second biggest leap among brands to crack the top 20 in this year’s report. The cloud leader accounted for nearly 20,000 unique phishing pages, or 7% of all phishing websites. PayPal moved into fourth place with a 6% share after finishing at No. 10 in 2021. Rounding out the top five was MTB (financial services), which accounted for 5% of all phishing webpages after closing out the prior year at No. 18.

Each quarter, Vade’s filter engine detects and analyzes millions of phishing emails and hundreds of thousands of phishing webpages. The top brands in phishing are determined by analyzing unique, branded phishing websites. Cybercriminals often send dozens, and sometimes hundreds or thousands, of phishing emails containing the same unique phishing link, while a single domain can host thousands of phishing URLs.