Check Point Press Releases

Apple is Most Imitated Brand for Phishing Attempts: Check Point Research’s Q1 2020 Brand Phishing report

Check Point’s researchers highlight Yahoo! as most imitated brand for email-based phishing, and Netflix as the most imitated for mobile-based phishing attempts

San Carlos, CA  —  Mon, 13 Apr 2020

Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its new Brand Phishing Report for Q1 2020.  The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during Q1 of this year.

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site.  The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

Apple was the brand most frequently targeted brand by cybercriminals, soaring from seventh place in Q4 of 2019 to the top of the rankings. 10% of all brand phishing attempts related to the technology giant, as bad actors sought to capitalize on its powerful brand recognition. Netflix took the second spot with 9% of all phishing attempts related to the company, perhaps in part due to the increase in people accessing the service during the coronavirus pandemic. Meanwhile the Chase Bank brand rose by 3% from Q4 2019 to take the sixth position, with 5% of all phishing attempts seeking to exploit this brand.

The most likely industry to be targeted by brand phishing was technology, followed by banking and then media. This illustrates a broad spread of some of the best-known and most used consumer sectors, particularly during the coronavirus pandemic and associated quarantine, whereby individuals are grappling with remote working technology, potential changes to finances, and an uplift in home entertainment services such as streaming.

Top phishing brands in Q1 2020

The top brands are ranked by their overall appearance in brand phishing attempts:

  1. Apple (related to 10% of all brand phishing attempts globally)
  2. Netflix (9%)
  3. Yahoo (6%)
  4. WhatsApp (6%)
  5. PayPal (5%)
  6. Chase (5%)
  7. Facebook (3%)
  8. Microsoft (3%)
  9. eBay (3%)
  10. Amazon (1%)

Top phishing brands by platform

During Q1 2020, similar brands were used in mobile and web phishing vectors, which included banking and streaming services such as Chase and Netflix. Web phishing was the most prominent at 59%, followed by mobile phishing as the second most attacked platform compared to Q4 of 2019, where it ranked third. This is due to people spending more time on their mobile phones during the Coronavirus pandemic, which cybercriminals are taking advantage of.

Email (18% of all phishing attacks during Q1)

  1. Yahoo
  2. Microsoft
  3. Outlook
  4. Amazon

Web (59% of all phishing attacks during Q1)

  1. Apple
  2. Netflix
  3. PayPal
  4. eBay

Mobile (23% of all phishing attacks during Q1)

  1. Netflix
  2. Apple
  3. WhatsApp
  4. Chase

“Cybercriminals continue to exploit users by adopting highly sophisticated phishing attempts via emails, web and mobile applications purporting to be from well-recognized brands which they know will be in high demand at the moment, whether that’s a high profile product launch or just generally tapping into behavioral changes we’ve seen during the Coronavirus pandemic,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point. “Phishing will continue to be a growing threat in the coming months, especially as criminals continue to exploit the fears and needs of people using essential services from their homes. As always, we encourage users to be vigilant and cautious when divulging personal data.”

Check Point’s Brand Phishing Report is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites and identifies millions of malware types daily.


Follow Check Point Research via:




About Check Point Research

Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. ( is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.


This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.