- 22% of all brand phishing attempts tried to impersonate Microsoft
- DHL was the only company in the top 10 that wasn’t a tech firm
- Identity is the biggest attack surface for cybercriminals
New data from Check Point has found Microsoft remained the most spoofed brand in phishing attacks during the final three months of 2025, accounting for nearly one-quarter (22%) of all brand phishing attempts.
As is sadly too common these days, the technology industry is the most affected by brand impersonation, with Google (13%), Amazon (9%), Apple (8%), Meta (3%), PayPal (2%), Adobe (2%), Booking (2%) and LinkedIn (1%) all seeing similar attempts.
In fact, shipping giant DHL (1%) was the only company appearing in the top 10 list that did not belong to the tech sector.
Most phishing brand impersonations spoof tech giants
Check Point uncovered some seasonal trends that cause fluctuations – for example, Amazon impersonations were likely inflated every Q4 by higher Christmas shopping traffic, with attackers exploiting vulnerabilities in last-minute shopping and high-value purchases.
“The continued dominance of Microsoft and Google reflects their central role in identity, productivity, and authentication workflows – making stolen credentials particularly valuable to attackers,” the researchers explained.
One of the attacks Check Point observed in Q4 2025 was a fake game page targeting Roblox users to steal credentials. A fake domain also mimicked the official account recovery flow of Netflix to enable attackers to harvest passwords, and a Spanish-focused Facebook phishing campaign also targeted emails, phone numbers and passwords.
However, one thing rarely changes – phishing is a key attack method for scammers, and identity is the top attack surface across both consumer fraud and enterprise breaches.
This is largely good news, because the same basic cybersecurity hygiene we’ve always been taught still stands true. Tech evolutions have made it harder to detect attacks, and AI has only served to make them more sophisticated, but the key principles remain the same – avoid sharing passwords and logging in via potentially suspicious links and instead navigate to the official website via a search engine or typing in the domain, and use two-factor authentication for a secondary layer of protection.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/UKeB6eGKBkfAEXPNvhRKfb-1600-80.jpg
Source link
