Attacks targeting productivity suites, such as Microsoft 365 and Google Workspace, are on the rise.
A year's worth of phishing.
Vade has published its annual Phishers' Favorites report for 2022, finding that Facebook, Microsoft, and Google were the most impersonated brands last year.
Google rises to third place.
Notably, Google, which placed #28 in 2021, jumped to the third most-impersonated brand last year, following a 1,560% increase in Google-themed phishing pages. The researchers attribute this increase to the growing popularity of Google Workspace, and Vade predicts that Microsoft and Google will be the two most widely impersonated brands in 2023 due to the prevalence of their productivity suites:
“Productivity suites are an attractive target for phishers. With a suite of integrated applications, these digital ecosystems give phishers more opportunities to exploit users before and after an initial compromise. For example, phishers can impersonate integrated applications such as file-sharing solutions in an initial attack, as well as use compromised accounts to distribute malicious links and files through new channels, such as instant messaging tools.”
Phishing increases across the board.
Vade also observed significant increases in phishing attacks across nearly every industry sector: “Excluding social media, every industry contributed to the significant increase in phishing pages in 2022, which surpassed 2021's total by 89,991 unique phishing URLs. Internet/telco saw the largest increase (111%), followed by cloud (77%), ecommerce/logistics (59%), financial services (46%), and government (26%).”