Threat Detection

Vade releases 2023 Phishers’ Favorites Report

Vade’s annual phishing report reveals that Facebook scams reached all-time high and social media phishing rose sharply.

Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers’ Favorites report for 2023. Phishers’ Favorites Year-in-Review is a ranking of the top 20 most impersonated brands in phishing. Headlining this year’s report, Facebook was the most impersonated brand after a 74% year-over-year (YoY) increase in unique phishing websites, more than double the runner up on this year’s list, Microsoft. This marks a record number of phishing websites for the social media company and the third consecutive year it claimed the top spot.

Phishers’ Favorites 2023 Year-in-Review, which can be read in full here, analyzes full-year phishing data captured by Vade’s technology. For this report, Vade analyzed 197,000 phishing pages linked from unique phishing emails between January 1, 2023 and December 31, 2023.

Social media phishing reaches increases significantly

Among all industries, the social media sector accounted for the largest YoY increase in phishing URLs at 110%. Aside from Facebook, Instagram (#9 on this year’s list), WhatsApp (#13), and LinkedIn (#23) all contributed to the increase. The rise in phishing threats comes as revenues from social media advertising continue to climb and businesses step up their reliance on these platforms for sales, marketing, and recruiting.

The financial services industry remains the most impersonated

2023 proved to be another typical year for financial services, with the industry retaining its status as the most impersonated by hackers. The sector led all others in terms of total unique phishing URLs (64,009 or 32% of the overall total). From the financial services sector, Crédit Agricole, SoftBank, Paypal, and Bank of America all made the top 10, followed by La Banque Postale, Société Générale, and American Express.

Microsoft, Google, and Netflix lead cloud brands spoofed in phishing attacks

Along with social media, the cloud industry was the only other sector to see an increase in unique phishing URLs in 2023. That was largely due to Microsoft (#2), Google (#11), and Netflix (#19). Microsoft’s and Google’s sustained popularity among hackers follows growing demand for their productivity suite platforms, Microsoft 365 and Google Workspace, respectively. This year, Microsoft announced it reached more than 382 million paid seats in Q3 2023. Meanwhile, Google announced that more than 9 million organizations pay for Google Workspace. Both product suites remain popular targets for phishing attacks.

Additional key findings from the Phishers’ Favorites 2023 report include:

  • Hackers are abusing legitimate services to bypass detection by email security solutions.
  • Quishing attacks are on the rise and demonstrating emerging techniques.
  • Phishing-as-a-Service (PhaaS) marketplaces are flourishing.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

Gradient Cyber integrates Azure Protection into its MXDR Solution


Stellar Cyber Provides Customers with Enhanced Security Operations

Business Wire

Netsurion Secures Top Honors for MDR and Threat Hunting