Area 1 Security Announces the Most Spoofed Brand of 2020
The World Health Organization (WHO) emerged as the 2021 March Hackness Champion, a title no organization wants to win. Researchers identified over 2 million phishing spoofs exploiting the WHO brand between May 2020 and February 2021. Attackers used sophisticated techniques such as display name spoofing, adding logos for legitimacy, and abusing legitimate services like Appspot.com to host their phishing sites. The COVID-19 pandemic influenced the attack patterns of phishing attacks in the U.S., with hackers exploiting trust in organizations like WHO, Moderna, CDC, Marketo, Columbia Sportswear, UPS, CNN, Zoom, Adidas, and Nike. Email authentication standards such as SPF, DKIM, and DMARC are not enough to prevent phishing attacks from reaching inboxes; comprehensive message analysis, computer vision, domain registration checks, and other techniques beyond email authentication are necessary for effective defense against sophisticated phish.
Company
Cloudflare
Date published
April 2, 2021
Author(s)
Shalabh Mohan
Word count
764
Language
English
Hacker News points
None found.