Cyber Security
Check Point Research Reveals Q2 2024 Brand Phishing Trends

Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies has released its latest Brand Phishing Ranking for Q2 2024. The ranking highlights the brands most frequently imitated by cybercriminals in their attempts to deceive individuals and steal personal information or payment credentials. For the second quarter this year, Microsoft remained the most imitated brand in phishing attacks, accounting for more than half of all attempts with 57%. Apple jumped to second spot with 10%, moving up from fourth position in the first quarter of 2024, and LinkedIn kept its previous third place ranking with 7% of such attempts. Meanwhile, there were new entries to the list with Adidas, WhatsApp, and Instagram moving into the top 10 for the first time since 2022.
The Technology sector remained the most impersonated industry in brand phishing, followed by Social Networks and Banking. Technology companies often hold sensitive information, including personal data, financial information, and access to other accounts, which makes them valuable targets for attackers. Companies such as Microsoft, Google and Amazon, who all appeared on the list, deliver essential and frequently used services such as email, cloud storage, and online shopping. That means people are more likely to respond to messages that appear to be from these critical service providers.
Omer Dembinsky, Data Group Manager at Check Point Software, emphasized the persistent threat of phishing attacks, stating, “Phishing attacks remain one of the most pervasive cyber threats and are often the entry point for much larger scale campaigns a supply chain. To protect against phishing attacks, users should always verify the sender’s email address, avoid clicking on unsolicited links, and enable multi-factor authentication (MFA) on their accounts. Additionally, using security software and keeping it updated can help detect and block phishing attempts.”
Top Phishing brands
Below are the top 10 brands ranked by their overall appearance in brand phishing events during Q2 2024:
Microsoft (57%)
Apple (10%)
LinkedIn (7%)
Google (6%)
Facebook (1.8%)
Amazon (1.6%)
DHL (0.9%)
Adidas (0.8%)
WhatsApp (0.8%)
Instagram (0.7%)
Adidas Phishing Campaigns
Last quarter, Check Point Research observed several phishing campaigns targeting users by impersonating Adidas brand websites. For instance, adidasyeezys[.]cz (Figure 1) and adidasyeezys[.]it (Figure 2) are designed to deceive victims into believing they are authentic Adidas Yeezy sites, closely mimicking the appearance of the legitimate Adidas site at https://news.adidas.com/yeezy. These fraudulent sites aim to lure users into entering their credentials and personal information, exploiting their resemblance to the original site to successfully steal information. Similarly, adidas-ozweego[.]fr (Figure 3) and adidascampus[.]co[.]at (Figure 4) mimic the official Adidas platform.
Furthermore, adidasoriginalss[.]fr currently appears inactive for phishing and instead hosts advertisements.
Instagram Phishing Campaigns
In the last quarter, researchers observed numerous campaigns utilizing the Instagram brand to perpetrate online scams. As a result, Instagram has risen to the 10th position on the list of top brands impacted by phishing, marking its first appearance there since 2022.
In recent months, CPR identified phishing campaigns impersonating Instagram to deceive users into divulging their login credentials. One instance involves a phishing page hosted at instagram-nine-flame].[vercel].[app/login (figure 1), which mimics Instagram’s login interface. This page, hosted on Vercel, a platform for creating React applications, prompts users to enter their usernames and passwords.
Another observed campaign utilized the domain instagram-verify-account].[tk (figure 2). Although currently inactive, it previously displayed a message designed to trick users into entering personal information under the guise of verifying their Instagram accounts. Such tactics aim to exploit trust and deceive users into compromising their credentials.
Cyber Security
Cloud and IoT Vulnerabilities Expose Smart Cities and Industrial Systems to Cyber Risks

Ezzeldin Husein, the Regional Senior Director for Solution Engineering – META at SentinelOne says cyberattacks on MEA’s critical infrastructure are becoming more sophisticated, with nation-state actors, ransomware gangs, and hacktivists targeting energy, finance, and transportation sectors (more…)
Cyber Security
Cyberattacks on Critical Infrastructure Originate from Nation-State Actors or Sophisticated APT Groups

Saran B. Paramasivam, the Regional Director for Middle East and Africa (MEA) at Zoho says the most notable trends in cyber attacks targeting critical infrastructure systems are the rise of ransomware and social engineering attacks (more…)
Cyber Security
APT Groups Are Increasingly Targeting OT Systems

Ilya Leonov, the Regional Director for MENA at Positive Technologies says many organisations rely on legacy OT systems with limited security controls, making them attractive targets for cybercriminals (more…)
-
Artificial Intelligence1 week ago
DeepSeek-R1 AI Poses 11x Higher Harmful Content Risk
-
Artificial Intelligence6 days ago
DeepSeek Popularity Exploited in Latest PyPI Attack
-
Artificial Intelligence6 days ago
SentinelOne to Spotlight AI-Driven Cybersecurity at LEAP 2025
-
Cyber Security3 days ago
Employees Are the First Line of Defense
-
News5 days ago
Sophos Completes Secureworks Acquisition
-
Homeland Security1 week ago
Daimler Truck Focuses on Growth in the Defence Sector
-
Cyber Security3 days ago
Proactive Threat Intelligence Can Keep Threats at Bay
-
Cyber Security1 week ago
Tenable Plans to Acquire Vulcan Cyber