top of page

Microsoft finally dethroned as the most imitated brand in the phishing economy

Email security company Checkpoint have published their fourth and final quarterly phishing report for 2021, which identifies global delivery company DHL as the most imitated brand by phishing threat actors.

This finding is particularly surprising given that Microsoft came first in the same report 12 months earlier when they were imitated in a whopping 43% of all phishing attacks, with DHL a distant second with only a 12% share.

Covid-19 has impacted nearly all facets of everyday life. It has changed how we live, work, socialise and shop. All commercial sectors have evolved to adapt to this monumental shift in how people live their lives. Reports such as this reveal that cybercriminals have not been immune to this shift as they seek to imitate brands that are relevant and familiar.

Courier or parcel fraud has been particularly rife during the pandemic, with an increase in online shopping recorded due in no small part to lockdowns and restrictions, the fact that people would rather shop online amidst Covid uncertainty and, of course, the ease of online ordering.

What's interesting, is that if you look at the same report in the pre-covid era of Q4 2019, it is striking to note that DHL does not even make the top 10 of imitated brands within the world of phishing exploits:

In a world trying to come to grips with the Covid-19 pandemic, people’s online habits changed, as they became more reliant upon online shopping and delivery services, professional networking and job-hunting apps, and online gaming sites.

The latest Q4 phishing brand report highlights this shift, as threat actors seek to imitate the current most popular services:

Related articles



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page