Security & Privacy

Google, Dropbox and YouTube top three brands spoofed in 2020: report

Other brands in the list include Facebook, Amazon, Apple and Microsoft

Google, Dropbox and YouTube were the top three brands spoofed in spam in 2020, according to IBM’s latest security report.

IBM notes that threat actors use spoofing technology and social media giants based on their popularity and users’ expectation of accessing these assets digitally.

“In addition, spoofing email and email-associated platforms such as Google Gmail or Microsoft 365 is a common threat actor technique,” the report outlines.

Other technology brands that made the top list include Facebook, Amazon, Apple, Microsoft, PayPal and WhatsApp. Aside from PayPal, all of these companies had made the list in 2019 as well.

Interestingly, Adidas was the only non-technology company to make the top ten list of most spoofed brands.

IBM states that PayPal’s entrance into the top ten is likely due to cybercriminals looking to steal credentials or funds in financial scams. It also notes that these brands are also easily monetized by threat actors since compromised accounts can be sold on the dark web.

Further, the report also found that cyberattacks on healthcare, manufacturing and energy doubled from the year prior. The increase in cyberattacks on healthcare is likely due to COVID-related attacks and an increase in ransomware attacks against hospitals.

“The pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time — whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment,” said Nick Rossman, the global threat intelligence lead at IBM, in a news release.

“Attackers’ victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries,” Rossman stated.

The report also reveals that the world experienced more ransomware attacks last year when compared to 2019. Interestingly, Europe experienced more attacks than any other region.

Cyberattacks have evolved as criminals sought to profit from the unprecedented circumstances brought on by the COVID-19 pandemic.