contador web Saltar al contenido

Microsoft, Paypal and Netflix are the most used companies for phishing | Security

Microsoft, Paypal and Netflix appear in the top three positions in the ranking of the 25 most used companies by cybercriminals for phishing scams in North America. The data is from the Vade Secure email provider report. The practice of scam is to create fake emails or pages that pretend to be real brands, with the aim of stealing data from users for different purposes.

READ: Scam in fake stores grows 300% in 2018; know how to avoid

The study shows that cloud-based services and financial companies are the two sectors most targeted by hackers, representing together about 75% of all phishing URLs.

Netflix the third most used brand by hackers to apply the phishing scam Photo: Carolina Ochsendorf / TechTudoNetflix the third most used brand by hackers to apply the phishing scam Photo: Carolina Ochsendorf / TechTudo

Netflix the third most used brand by hackers to apply the phishing scam Photo: Carolina Ochsendorf / TechTudo

Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo

In the third quarter of 2018, criminals used only 86 international companies to apply 95% of phishing scams. In the case of Microsoft, the company preferred by the bad guys, the action is done through a replica of the Office 365 home page or a simulation that the recipient has received a link to a file on OneDrive or SharePoint, requiring login to access it.

The objective is to obtain the user's Office 365 credentials and then have access to a series of files, data and contacts stored in the various apps of the suite, such as SharePoint, OneDrive, Skype, Excel and CRM. In addition, hackers can use these accounts to launch additional attacks, including spear phishing, malware and, increasingly, internal attacks directed at other users within the same organization, "explains the report.

Fake Microsoft Office 365 login screen Photo: Divulgao / Vade SecureFake Microsoft Office 365 login screen Photo: Divulgao / Vade Secure

Fake Microsoft Office 365 login screen Photo: Divulgao / Vade Secure

When cybercriminals apply phishing by impersonating PayPal, they are interested in the victim's balance on the service. In the case of Netflix, scammers seek users' bank details. Other services and brands widely used by Brazilians that appear on the list are: Facebook (6), Orange (9), Dropbox (10), Adobe (12), LinkedIn (13), Apple (14), Google (15), Alibaba (17) and Yahoo (20).

Most likely days for attacks

The analysis by Vade Secure shows that cybercriminals prefer Tuesday and Thursday to carry out phishing attacks, which are coincidentally (or not) the same days considered to be the best days to send promotional emails, according to marketing analysts. Netflix, however, appears as an exception, having its brand associated with scams predominantly on Sundays.

A study shows that Netflix's streaming spikes occur on Saturday, as many new show seasons are released at once, often on Fridays. Hackers are likely to take advantage of this increase in activity and force recipients to act quickly to unlock their account, explains the email security provider.

Scammers choose days to apply phishing scams according to the likelihood of success Photo: Divulgao / AVGScammers choose days to apply phishing scams according to the likelihood of success Photo: Divulgao / AVG

Scammers choose days to apply phishing scams according to the likelihood of success Photo: Divulgao / AVG

It is essential that consumers are always attentive to the websites to which they provide personal information. It is ideal to access only the pages of trusted companies with which you are familiar. However, fake websites usually very well simulate the visual identity of companies and easily mislead users.

Therefore, it is important to always be attentive to messages received by e-mail or social networks that contain grammatical errors, promises that are too good to be true, or that request bank details right away or that the content is passed on to other people.

Via Vade Secure and Blepping Computer

Ca in phishing; What to do now? Exchange tips in the TechTudo forum.

What ransomware: five tips to protect yourself

What ransomware: five tips to protect yourself