/plushcap/analysis/cloudflare/2021-march-hackness-phishing-champion

Area 1 Security Announces the Most Spoofed Brand of 2020

What's this blog post about?

The World Health Organization (WHO) emerged as the 2021 March Hackness Champion, a title no organization wants to win. Researchers identified over 2 million phishing spoofs exploiting the WHO brand between May 2020 and February 2021. Attackers used sophisticated techniques such as display name spoofing, adding logos for legitimacy, and abusing legitimate services like Appspot.com to host their phishing sites. The COVID-19 pandemic influenced the attack patterns of phishing attacks in the U.S., with hackers exploiting trust in organizations like WHO, Moderna, CDC, Marketo, Columbia Sportswear, UPS, CNN, Zoom, Adidas, and Nike. Email authentication standards such as SPF, DKIM, and DMARC are not enough to prevent phishing attacks from reaching inboxes; comprehensive message analysis, computer vision, domain registration checks, and other techniques beyond email authentication are necessary for effective defense against sophisticated phish.

Company
Cloudflare

Date published
April 2, 2021

Author(s)
Shalabh Mohan

Word count
764

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.