Facebook, Orange, Crédit Agricole, the top 20 brands usurped in phishing emails

A cybersecurity company has listed the most common hacker traps found in email inboxes.

What are the brands most abused by cybercriminals to trap you? Cybersecurity company Vade released a report on February 15, highlighting the most common phishing emails.

To produce its ranking, analysts reviewed 1.4 billion mailboxes in 2024. This cybersecurity software is not there to read messages, but to automatically filter harmful content and alert if questionable elements are detected: servers or sites used by cybercriminals, malicious link or attachment, etc.

Since a large part of Vade’s customers are French, the company can produce a rather relevant report for targeting Internet users in France. Review of the year 2023? Facebook still takes first place in email inbox scams.

For the third year in a row, Facebook was the most spoofed brand, with nearly twice as many unique phishing URLs as the second-ranked brand on the list, Microsoft. More than 44,000 Facebook phishing sites were identified, representing 23% of all phishing URLs listed this year. ”, it is indicated.

Classification of usurped trademarks.  // Source: Vade
Classification of usurped trademarks. // Source: Vade

Microsoft therefore comes in second place, with 22,000 phishing sites created by cybercriminals. The impostures targeting the tech giant are almost twice as numerous as the third brand.

Two French companies are at the top of the table: Crédit Agricole and Orange, in places 3 and 4. The telephone operator – which has the largest market share in France – climbs two places compared to the last year. Crédit Agricole takes four.

Why so much phishing for Facebook or Crédit Agricole?

The number of users of a service is naturally the first factor taken into account by hackers, but their choice of brands is also motivated by other important criteria in the data market. Social network account identifiers provide access to a whole bunch of private information and conversations that may be of interest to criminals.

Vade also notes that “ Compromising a social media account means stealthily accessing other business applications. Recent reports reveal that 50% of employees worldwide use the same password for all their accounts. They are therefore more exposed to the compromise of their social media accounts and the theft of access credentials to critical applications. “. You can also check if your data has been leaked from these sites open to all.

An example of Facebook phishing.  // Source: VadeAn example of Facebook phishing.  // Source: Vade
An example of Facebook phishing. // Source: Vade
A fake site usurping agricultural credit.  // Source: VadeA fake site usurping agricultural credit.  // Source: Vade
Another example. // Source: Vade

Concerning Microsoft, the theft of identifiers allows access to files stored in the cloud or to usurp an employee’s email to deceive another. As for the banks, you will have understood, it is first a question of emptying your bank account. And it’s much faster than snatching.

Subscribe for free to Artificielles, our newsletter on AI, designed by AIs, verified by Numerama!

Source link -100