Windows 11 may be a target — Microsoft tops the list of cybercriminals' favorite brand for phishing

Windows 11 file explorer (Image credit: @TomWarren/Twitter)

Windows 11 is in the spotlight as the next-generation operating system is set to roll out to PCs at the end of this year. As this momentous event captivates the tech world, there is a chance cybercriminals may take advantage of it. After all, Microsoft is cybercriminals' favorite brand to imitate.

According to a new Check Point Research study, during Q2 of 2021, Microsoft was the most popular company for baiting unsuspecting victims into phishing traps.

As the old adage says, "Imitation is the best form of flattery," but I'm not so sure Microsoft would appreciate cybercriminals impersonating it to lure victims into their phishing lairs. Nearly half (45%) of all brand phishing attempts were Microsoft impersonators.

Here are the top imitated brands for phishing attacks, according to Check Point Research.

Check Point Research (Image credit: Check Point Research)

The investigators shared some examples of the phishing schemes they spotted, including this phony Microsoft login page replica.

Microsoft phishing webpage (Image credit: Check Point Research)

"One of the goals of phishing attacks is to intrigue the victims with something they are familiar with, to increase the reliability of the email/SMS. Microsoft is obviously a very well-known brand, so phishing attacks that appear to be normal messages raise [cybercriminals'] success rate," said Yali Magiel, Data Analyst at Check Point Research.

In response to whether the upcoming launch of Windows 11 could make Microsoft a more attractive brand for malicious actors, Magiel said, "Yes, it could. When there is a hype surrounding a popular product, such as a new version of Windows, it raises people’s curiosity to get new information."

The investigators also witnessed a global surge in ransomware attacks, which are often spread through phishing emails with malicious attachments. Here's a Microsoft phishing email that caught the Check Point Research team's attention.

Microsoft phishing email (Image credit: Check Point Research)

"The email was sent from the spoofed email address Microsoft (no-reply@microsoft[.]com) and contained the subject “Your Subscription Has Been Expired”. Here, the attacker was trying to lure victims into clicking a malicious link, which redirects the user to a fraudulent Microsoft login page. In the malicious link, the user needed to key in their Microsoft account details," Check Point Research reported.

There are obvious red flags that these phishing emails and webpages are fraudulent replicas, but as the investigators pointed out, many fail to pick up on poor punctuation, misspelled domains and other suspicious cues, causing them to fall hook, line and sinker for phishing traps.
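The two cues in the reported email, a spoofed sender address and a link that leads away from the brand's own domain, can also be checked mechanically. The following is an added example, not code from Check Point Research or this article; the message is constructed, the hosts `login.example.test` and `mx.example.net` are placeholders, and it assumes the receiving mail server has stamped an `Authentication-Results` header.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample; login.example.test and mx.example.net are placeholders.
SAMPLE = """\
From: Microsoft <no-reply@microsoft.com>
Subject: Your Subscription Has Been Expired
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=microsoft.com; dmarc=fail header.from=microsoft.com
Content-Type: text/html; charset="utf-8"

<p>Your subscription has expired.
<a href="https://login.example.test/renew">Sign in to renew</a></p>
"""

class LinkHosts(HTMLParser):
    """Collect the lower-cased host of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            host = urlsplit(href).hostname
            if host:
                self.hosts.append(host.lower())

def red_flags(raw):
    """Return a list of findings for one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    findings = []
    # The receiving server records SPF/DKIM/DMARC verdicts in this header.
    for header in msg.get_all("Authentication-Results", []):
        for mech, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", str(header)):
            if verdict != "pass":
                findings.append(f"{mech}={verdict} for sender domain {from_domain}")
    body = msg.get_body(preferencelist=("html",))
    parser = LinkHosts()
    parser.feed(body.get_content() if body else "")
    for host in parser.hosts:
        if host != from_domain and not host.endswith("." + from_domain):
            findings.append(f"link host {host} is outside {from_domain}")
    return findings

if __name__ == "__main__":
    print("\n".join(red_flags(SAMPLE)))
```

A link host outside the sender's domain is only a signal, since legitimate mail often links to third-party hosts; combined with a failed SPF or DMARC verdict on a well-known brand's domain it is a strong one.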

Fortunately, thanks to Check Point Research's investigation, we now have some insight into which companies have the most impersonators, and as such, we'll be more observant.

"As always, we encourage users to be cautious when divulging their data, and to think twice before opening email attachments or links, especially emails that claim to be from companies such as Amazon, Microsoft or DHL as they are the most likely to be imitated," said Omer Dembinsky, Data Research Group Manager at Check Point Software.

Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!