The Freename Forum

The US information security company Zscaler has published a list of the brands most frequently affected by phishing. The top 20 is teeming with famous names, including two representatives from Germany.

Zscaler is a cloud-based company headquartered in San José (US state of California) that aims to protect against cyber attacks by means of secure connections between users, devices and applications. In the latest edition of its "ThreatLabz 2024 Phishing Report", Zscaler looks at the phishing scene, which offers a wide range of attack options with tools such as "phishing-as-a-service kits", "automated phishing tools" and "curated target lists". Cybercriminals are also making increasing use of artificial intelligence (AI); according to Zscaler, they can now use generative AI to create extremely convincing phishing campaigns that exceed previous standards of complexity and effectiveness. Over a 12-month period (January to December 2023), ThreatLabz analysed more than two billion phishing transactions, the results of which were presented in the recently published report; this is intended to equip companies with the knowledge they need to proactively combat the rising wave of new phishing attacks. According to Zscaler, the results obtained are in line with the data from the Anti-Phishing Working Group, which declared 2023 to be the "worst phishing year ever". According to this, phishing attacks increased by 58.2 per cent in 2023 compared to 2022.

According to the analyses by Zscaler, the most frequently imitated brands in phishing attacks include Microsoft, OneDrive, Okta, Adobe, SharePoint, Telegram, pCloud, Facebook, DHL, WhatsApp, ANZ Banking, Amazon, eBay, Instagram, Google, Sparkasse, FedEx, PayU, Rakuten and Gucci. Microsoft was the phishers' favourite with a share of 43.1 percent, followed at a considerable distance by OneDrive with 11.6 percent. These brands are particularly attractive to phishers due to their widespread use in corporate environments and their high value in capturing user credentials; this is compounded by the trend towards working from home, which makes them even more attractive to phishers as they are used even more. However, top referrer domains that lead to phishing pages are also becoming a growing problem. This tactic exploits vulnerabilities in a website's redirect function to trick users by redirecting them to malicious websites. The Zscaler report includes top referrer domains such as www.gutefrage.net or www.finanznachrichten.de. These seemingly harmless domains allow attackers to send emails with links to legitimate websites as entry points while hiding the addresses of the actual phishing websites.

The developments described by Zscaler also present companies in the EU with new challenges, as they are subject to stricter liability requirements against the backdrop of the Directive on measures for a high common level of cyber security across the EU (Network and Information Security 2, or NIS-2 for short). This means that domain monitoring, for example, is becoming considerably more important. Domain names play a central role in the area of cyber security: Well-known and famous brands within a domain often serve cyber criminals, as described by Zscaler, as virtual bait to attract and direct users to their offerings. This has already had devastating consequences for companies and brand owners: they not only lose traffic, i.e. user access to their website, but also potential customers and potential sales. NIS-2 adds a new layer. If managing directors of a limited liability company or the board of directors of a public limited company do not fulfil their monitoring and training obligations, they are personally liable to the company for damages. The management body also remains ultimately responsible if auxiliary persons are engaged. In addition, severe fines can be imposed for violations of NIS-2. For companies, the fines can amount to up to 10 million euros or up to 2 per cent of the total global turnover generated in the previous financial year.

You can find the "Zscaler ThreatLabz 2024 Phishing Report" at:
https://www.zscaler.com/resources/indus ... t-2024.pdf