Apple has found itself the winner of what can only be called a very dubious honor: The brand most used by scammers to trick their victims into opening a phishing email, according to a new study by the security firm Area 1.
To lay out exactly how Apple ended up in the top spot, Shalabh Mohan, vice president of product and marketing at Area 1, created a bracket styled on the one used in college basketballs' NCAA tournament, that listed the top 64 most-referenced brands used in phishing scams. These are not the companies that were victimized, but those the attacker referenced to fool a victim into opening an email or clicking on an attachment.
In the phishing ‘final four' were Apple, Yahoo, Paypal and Dropbox with Apple defeating Yahoo. Mohan said Apple's ‘victory' was considered an upset, adding that Paypal and Yahoo were expected to battle it out. However, he believes Apple was given a boost this year by its near-constant presence in the headlines as the company battled with the FBI and Department of Justice over whether or not it should unlock the iPhone 5C used by one of the San Bernardino, Calif. terrorists.
| For a full size version click here.
Mohan also believes Apple's greatest asset helps make the brand very useful to phishers.
“Attackers use that brand because consumers trust it so much,” he told SCMagazine.com.
Area 1 also discovered that while only 37.5 percent of the top 64 most phished brands were U.S.-based, its companies suffer the majority of phishing attacks. Interestingly, most of the attackers are also U.S.-based with Area 1 finding that 62 percent of the URLs that hosted an attack to be from one of the 50 states.
The importance of using a well-known and respected brand or organization was also revealed. Mohan noted that the 64 entities that made the bracket were referenced in 70 percent of all phishing attacks.