top of page

DHL tops most used brand in phishing emails

A new report has highlighted the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September...with logistics organisation DHL topping the list.

DHL is the most ‘observed brand’ for the quarter after being identified in 22% of worldwide phishing attacks.

Microsoft was seen in 16% of campaigns and LinkedIn was identified in 11%, making them second and third respectively.

The figures identified in Quarter 3 (Q3) of 2022 represent a change in brands identified to be most prevalent across the phishing landscape.

Microsoft remained the top impersonated brand for the majority of 2021, while LinkedIn took top spot for H1 of 2022 (H1 refers to the first half of the year. Thus, H1 corresponds to January, February, March, April, May, and June).

Notably, LinkedIn were seen in 52% in Q1 and 45% for Q2 this year, making a decline to 11% in Q3 a significant reduction.

Whilst this may seem good for the brand, it identifies the fact that threat actors will change their tactics to remain effective.

Whilst email users may have become robust in identifying phishing emails linked to popular brands, their guard could be down when trends shift.

With the Royal Mail strikes currently affecting the UK, there is a realistic possibility that this is used as a method to continue using parcel delivery type phishing subjects in the coming months.

However, the drastic change from LinkedIn moving from 45% in Q2 to only 11% in Q3 of this year, indicates how threat actors will change tactics to remain effective.

It would be beneficial for organisations to make personnel aware of the changing brands in phishing campaigns to help raise awareness and reduce the risks associated with falling foul of such tactics.

Staff Awareness Training

We offer Staff Awareness Training as a service to businesses who want to educate their staff about the tell-tale signs of scams, fraud and potential cyber criminality.

Find out more about Staff Awareness Training…



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page