Phishing's Biggest Brand Target: LinkedIn

A new report finds there's a new favorite brand to imitate in phishing attempts and it's Microsoft's LinkedIn professional social network.

In its latest Brand Phishing Report,  security firm Check Point looked at the global phishing landscape for the first quarter of this year and found that not only was LinkedIn the most imitated brand, but it dominated the majority of phishing attempts.

"So far this year, LinkedIn has been related to more than half (52 percent) of all phishing-related attacks globally, marking the first time the social media network has reached the top of rankings," read the report. "It represents a dramatic 44 percent uplift from the previous quarter, when LinkedIn was in fifth position and related to only 8 percent of phishing attempts."

The most commonly used attack included sending a fake LinkedIn e-mail to a target. Once an embedded link is clicked, the user is taken to a spoofed Web page, mimicking the look of a LinkedIn log-in page. Their credentials would then be harvested and either sold or used in attempts to log into more sensitive sites using the hijacked credentials.

The dramatic increase of phishers specifically using LinkedIn as their avenue of attack has completely changed the phishing landscape, according to Check Point. Spoofed e-mails and messages from shipping-related companies used to represent the biggest brands copied. While these companies are still being utilized by attackers, the second-place entry for the quarter was DHL, with 14 percent of all appeared phishing attempts -- a far cry from LinkedIn's 52 percent.

Here's the full list of the top 10 imitated brands for the period between January and March:

  1. LinkedIn (52 percent)
  2. DHL (14 percent)
  3. Google (7 percent)
  4. Microsoft (6 percent)
  5. FedEx (6 percent)
  6. WhatsApp (4 percent)
  7. Amazon (2 percent)
  8. Maersk (1 percent)
  9. AliExpress (0.8 percent)
  10. Apple (0.8 percent)

The latest quarterly report represents the first time that Danish shipping company Maersk and Chinese-based online shopping retailer AliExpress have broken through to the top imitated brands.

In the case of Maersk, Check Point said some of the phishing attempts were especially malicious. The security company spotted fake e-mails asking users to download a copy of their bill in what appeared to be an attached Excel file. The file would then infect the system with the Agent Tesla remote access Trojan, which is a popular malware that has seen large growth in use over the last two years.

The latest quarterly report, highlighting attackers' growing interest in phishing attempts related to social media, should be taken as a warning that the net of possible phishing targets is growing, according to Check Point.

"As always, we encourage users to be cautious when divulging personal data and credentials to business applications or websites, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as LinkedIn or DHL, as they are currently the most likely to be impersonated," said the company.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


  • Microsoft Planning Additional Job Cuts in May

    Microsoft's ongoing layoffs are hitting its home turf, with new notices affecting 1,248 people in the Redmond, Bellevue and Issaquah, Wash. areas in May.

  • Microsoft's Loop App Now Available in Preview

    Microsoft's latest collaboration application, Loop, is now available as a public preview.

  • 2023 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft To Add ISV Designations to MCPP

    Microsoft's top partner executives detailed several changes it plans to make to the 6-month-old Microsoft Cloud Partner Program (MCPP).