What are the top companies affected by fake login pages?
The researchers spent the first half of 2020 to identify fake login pages used for support hacks and phishing campaigns.
They detected more than 50.000 fake login pages and approximately 2.500 of them were polymorphic which means that they changed to mimic the likeness of the page depending on the victim’s prerequisites.
The most commonly selected victims for these phishing attacks worked in the financial, healthcare, and technology industries but also targeted government agencies.
IRONSCALES also presented the situation with the top brands affected by this problem.
On the top of the list is PayPal followed closely by Microsoft and Facebook.
How can a fake login page affect you?
PayPal can affect millions of people and losing the credentials may result in the direct loss of your earnings stored there.
However, the more concerning risk comes from the 9.500 fake login pages that can affect not only personal accounts but also company accounts for Office 365, SharePoint, and One Drive.
That means, of course, that whole businesses can be put to danger by this sort of issue. And not long ago we signaled a new Office 365 phishing campaign.
Usually, you receive an e-mail that appears legitimate and a link guiding you to the fake login page with a purpose that also seems legitimate.
Most of these messages are very hard to be detected by spam filters or any other technical controls so the only real filter is you.
The only solution for avoiding phishing and fake login pages is to carefully analyze the e-mails you open, the purpose of the message and, if you get there, the target page that you are about to log in to.