Microsoft is the most commonly imitated company in phishing scams

Microsoft remains top phishing target, with WhatsApp, Instagram, and Adidas entering the top 10

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Check Point Research (CPR) has released new research examining the biggestphishingscams in the second quarter of 2024.

CPR’s ranking putsMicrosoftas the most frequently imitated, appearing in a staggering 57% of messages, withApplerising to second place with 10%.

There were also several new entries in the top 10 list, with Instagram,WhatsApp, and Adidas accounting for a combined 2.3% of threats.

Growing threats

Tech remains the most impersonated industry, with critical service providers a popular target due to often storing sensitive information such as financial information and personal data.

When impersonating Microsoft, cybercriminals will most commonly fabricate a threat to your device which needs fraud protection software to be downloaded, and ask you to follow a link or attachment.  Fraudulent emails also regularly include ‘Message Failure Delivery’ notices, looking to prompt users to follow a link to a website which closely resembles the Outlook login page, tricking users into giving away their login credentials.

Similarly, Apple impersonators will often claim that a user’s Apple ID has been locked or compromised, and will encourage users to follow their own link to log in to a mock login page.

Retail based phishing scams often present as fraudulent purchasing sites resembling the brand, and aim to get users to enter their payment details.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Staying alert

Phishing attacks are designed to panic users into acting quickly to follow their instructions, leading you to a fraudulent site to enter your account details.

“Phishing attacks remain one of the most pervasive cyber threats and are often the entry point for much larger scale campaigns [in] a supply chain,” warned Data Group Manager at Check Point Software, Omer Dembinsky.

Dembinsky advises users to always avoid clicking on unsolicited links, to thoroughly verify email addresses, and to use Multi Factor Authentication. If you believe you have been sent a phishing scam, UK users can forward them to the police at Action Fraud onreport@phishing.gov.uk.

Acting quickly is key if you believe you have fallen victim to the scam, contacting your bank and opening an investigation into any suspicious activity.

More from TechRadar Pro

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

Mount-It Electric Standing Desk review

One more AMD eGPU docking station goes on sale — but it doesn’t have USB 4.0, can’t accommodate an M.2 SSD and requires an OCuLink connector to feed the RX 7600M XT chip

7 myths about email security everyone should stop believing