The security, performance, and reliability company Cloudflare today published a global report on the Top 50 Brands Used in Phishing Attacks. With this the company has also announced that it is opening beta access to its new brand and anti-phishing tools directly from the Security Center dashboard.
The company’s intention with these tools is to allow users to catch and mitigate phishing campaigns threatening an organization before they actually happen.
With these tools, users are enabled to automatically identify and block “confusable” domains in order to better protect their corporate networks. Using Cloudflare Gateway, users can create zero trust rules designed to prevent their employees from resolving or browsing “confusable” or lookalike domains.
While building out these tools, Cloudflare examined the frequency that domains containing phishing URLS were resolved against its 1.1.1.1 resolver in order to test the company’s capabilities against a set of commonly phished brands.
The top brand the company found was AT&T Inc., followed by PayPal, Microsoft, DHL, and Meta.
“Phishing attacks prey on our trust in the brands we love and use everyday, and are becoming more difficult to spot for even the most digitally-savvy person. Our sanity, bank accounts, and passwords shouldn’t be compromised because we glossed over a misspelled ‘from’ field or accidentally clicked on an obscure URL,” said Matthew Prince, co-founder and CEO of Cloudflare. “We’ve extended our Zero Trust services with real-time protection against new phishing sites, so our customers won’t fall victim to attacks leveraging the brands they trust.”
Cloudflare found that finance, technology, and telecommunications brands were the industries that were most commonly impersonated, mainly for the access and financial benefits that bank accounts, email and social media, and phone companies can give attackers.
The IRS was next on the list, followed by Verizon, Mitsubishi, Adobe, and Amazon. A full list of the top 50 brands can be found in the blog post.