Close this search box.

These Are the Most Spoofed Brands in Phishing in 2023

Most spoofed brands

Phishing scams have been around for years. They’ve evolved more as time passed but still exist with the same goal — to steal users’ personal information or obtain access to their accounts. Check Point Research has released a new study noting the most spoofed brand names used in phishing attacks for the year so far.

Walmart was the most imitated brand for the first quarter of 2023. Their brand name jumped all the way from 13th place — from the last quarter of 2022 — to first place this year and accounted for 16% of global phishing attacks. The report shows DHL came in a close second again and Microsoft retained its third-place ranking in most spoofed brands, as well.

Malicious Emails Causing Massive Problems for Recipients

Most of these phishing scams involved people receiving emails or messages from cybercriminals — thinking it is from a trusted company — to trick them into entering sensitive information. This information would then be stolen with ill intent. Here are the top nine brands imitated in global phishing campaigns:

  1. Walmart (16%)
  2. DHL (13%)
  3. Microsoft (12%)
  4. LinkedIn (6%)
  5. FedEx (4.9%)
  6. Google (4.8%)
  7. Netflix (4%)
  8. Raiffeisen (3.6%)
  9. Paypal (3.5%)

Some of the most spoofed brands have stayed in the same spot from the last quarter in 2022 — DHL, Microsoft and Netflix — but new contenders like Walmart might surprise readers. What changes made Walmart climb the phishing imitation ladder?

What Caused the Drastic Change in Rankings?

The study says the massive change in Walmart’s rankings is due to the significant phishing campaign that has been going around since the start of this year. This scam says it’s about the “supply system collapse” and urges recipients to click on a malicious survey link. Click Point Research also stated the most imitated brands are usually in the tech industry, followed by the shipping and retail sector.

Raiffeisen — an international bank in Austria — also made the top ten list of most spoofed brands this year. This campaign accounted for 3.6% of phishing attacks and involved recipients receiving emails about fraudulent activity on their accounts. The mail contained a malicious link that, if clicked, would allow cyberattackers to steal the sensitive information the users entered.

In the case of the Raiffeisen phishing campaign, cybercriminals were stealing information to obtain access to the recipient’s account. However, with these attacks, criminals can also target payment or any other sensitive information.

In the Netflix scam — which accounted for 4% of the phishing scams for the beginning of 2023 — many people received an email that indicated the recipient’s account had been suspended due to a problem with the billing cycle. The mail contained a link that would send people to a malicious website where it would record and steal the banking information entered.

4 Warning Signs to Recognize a Phishing Scam

While some of these warning signs are obvious — such as grammatical mistakes or domain names that make no sense — others are less so and require further inspection. It’s always best to stay well informed on the different types of attacks cybercriminals use, as the rate of cybercrime has increased 300% since 2020. Here are four indicators to be on the lookout for.

This phishing scam can often be hard to detect. In general, this is where cyber attackers make the entire email a clickable link. If the recipient clicks anywhere in the email, they’re either taken to a malicious site or malware is downloaded on their computer.

Genuine emails sent by respected and well-known brands will not trick people into going to their website or to download anything. If recipients are unsure about an email they’ve received and want to follow up with the party involved, always use contact information from the organization’s website.

Pay attention to the link in the email. If it doesn’t match the URL, it’s a dead giveaway of a phishing scam. If the user is unsure about a link or mail they received, contact the organization — with the correct contact details found on their site — and ask for further details.

3.   Grammar Mistakes in the Message

Genuine businesses will not send emails riddled with grammatical errors. This is usually a clear sign the mail is from a different sender — especially if it asks to confirm login details or enter other sensitive information. If a message is full of grammatical errors, it would be wise to leave it alone and contact the company directly.

4.   Emails Asking for Sensitive Information

Real organizations don’t send emails asking the recipient to confirm account information or to enter credit card details. This is a clear sign the email is from a cybercriminal. In the case of banking information, a bank will usually ask the sender — by name and not addressed in general — to please visit the closest branch to get the situation sorted.

If the email mentions the recipient by name, it’s only sometimes an indicator it comes from the intended organization. In this case, it might be the cyber attacker using spear phishing tactics — a more targeted form of phishing — to deceive the reader.

What to Do if Falling Victim to a Phishing Scam

While spoofed brands is a scary situation, the best thing to do is to stay calm and take immediate action. Here are a few suggestions to use when accidentally falling victim to a phishing scam:

  • Contact the bank immediately: If the email targets account information, the bank can block the cybercriminal from accessing funds and secure the account — if the user takes this action quickly.
  • Change your passwords: If there are suspicions an account is compromised, log in and change the passwords. Being unable to log in may mean the criminal has already changed the credentials, so contact the organization directly and ask for immediate assistance.
  • Scan for malware or viruses: If the user accidentally downloaded something they don’t trust, the best thing to do is scan for any malicious software. In most cases, an anti-virus should be able to make the device secure again, but further action might be necessary — such as contacting the bank if the malware targets banking information.
  • Set up multi-factor authentication: This acts as another layer of protection. It could keep an account safe even if cyber attackers manage to obtain the password. Consider enabling multi-factor authentication on all accounts for an additional security layer.

Have Peace of Mind

Anyone could fall victim to phishing scams, and it doesn’t have to be from one of the listed most spoofed brands as they’re becoming increasingly complex and more convincing. Pay attention to the type of emails and messages received. If unsure, contact the organization involved with the information they provide on their website. Knowing the warning signs of a phishing scam can help recipients avoid them at all costs and provide peace of mind.


Q: What does “spoofed brands” mean in phishing?

A: “Spoofed brands” in phishing refer to cybercriminals imitating legitimate brands to deceive users into revealing sensitive information.

Q: How do cybercriminals use spoofed brands in phishing attacks?

A: Cybercriminals create fake websites, emails, or messages that mimic well-known brands, tricking users into sharing personal data or login credentials.

Q: Which brands are commonly spoofed in phishing attacks?

A: In 2023, some of the most commonly spoofed brands include popular banks, social media platforms, e-commerce sites, and tech companies.

Q: How can I identify a phishing attempt using a spoofed brand?

A: Look for subtle differences in URLs, check for spelling errors, and verify sender email addresses. Legitimate brands rarely ask for sensitive info via email.

Q: How can I protect myself from falling victim to phishing attacks with spoofed brands?

A: Be cautious with unsolicited emails, avoid clicking on suspicious links, and use multi-factor authentication for added security. Stay informed about the latest phishing trends.

WIll Sue of Gerent
Data Loss Prevention
Ransomware Attacks on Banks

Explore our topics