Apple is the online store of choice for phishing scams

(Image credit: Gustavo Frazao / Shutterstock)

When it comes to tricking people into giving away sensitive data or downloading malware, cybercriminals will impersonate any brand that has a solid consumer base. But one company stands out in particular - Apple.

This is according to cybersecurity researchers from AtlasVPN, who analyzed data provided by Kaspersky and discovered that e-shop phishing scams accounted for almost half (42%) of all financial phishing cases last year. 

Of that number, in almost two-thirds (60%) of cases, threat actors would impersonate Apple. Most often, hackers would create fake giveaways, pretending to offer new iPhone or new iMac devices in some sort of contest.

Amazon is in there, too

Such scams included offering new iPhones to those who successfully predict the results of major sporting events, like matches played in the FIFA World Cup. 

While Apple may be the most popular brand to imitate, it’s hardly the only one. Amazon was second-placed with 15% of all impersonations in e-shop phishing sites and emails. Cumulatively, these two companies make up around three quarters of all phishing attacks.

Companies in the banking and payment system industries comprise around 10% of all financial phishing occurrences each, while Mercari, MercadoLibre, and eBay appeared in around 6% of cases. For payment systems, PayPal is the most commonly spoofed, accounting for almost 85% of all fakes in this area. 

Next to ransomware and business email compromise (BEC) attacks, phishing is one of the most popular attack vectors in the world. With a low barrier to entry and huge potential, hackers send millions of malicious emails every day. 

Furthermore, other threat actors are happy to sell phishing kits on the dark web, making it even easier for those so inclined to turn to cybercrime.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.