1. Home
  2. News
  3. Technology

Check Point Reveals Record Rise in Brand Phishing in Q3 2025 — Microsoft, Google, Apple Most Targete

1d ago    |     Source: Kerry Botha

Check Point Research: Microsoft Accounts for 40% of All Phishing Attacks in Q3 2025 with PayPal and DHL Returning to the Top 10.

Technology and Social Media Platforms Continue to Dominate Brand Phishing Attacks, Underscoring the Urgent Need for AI-Driven, Prevention-First Security

Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP) and a pioneer and global leader of cyber security solutions, today released its Brand Phishing Report for Q3 2025. 

The latest findings reveal a significant surge in brand impersonation attacks targeting users' most trusted digital services, with Microsoft once again the most exploited brand, appearing in 40% of all phishing attempts worldwide – a significant rise that highlights attackers' growing focus on widely used productivity platforms.

The dominance of familiar tech brands shows no sign of slowing. Google (9%) and Apple (6%) ranked second and third, respectively, and together, these three companies accounted for more than half of all phishing activity in the last quarter. 

PayPal and DHL made notable re-entries into the global top 10 after a long absence, landing in 6th and 10th place, reflecting a widening attacker focus across digital payments and logistics services – critical vectors for both consumers and enterprises.

Omer Dembinsky, Data Research Manager at Check Point Software, commented, "Phishing is no longer just about misspelled emails or poorly designed login pages — it's now AI-generated, hyper-personalised, and deeply deceptive. 

The fact that 40% of phishing attempts now impersonate Microsoft, and that familiar brands like PayPal and DHL are making a comeback, shows how attackers are doubling down on the services and everyday tools that users trust most. Combating this next wave of phishing requires a prevention-first approach, combining AI-driven security tools with strong authentication and continuous user education."

 

Top 10 Most Imitated Brands in Q3 2025


    Microsoft – 40%


    Google – 9%


    Apple – 6%


    Spotify – 4%


    Amazon – 3%


    PayPal – 3%


    Adobe – 3%


    Booking.com – 2%


    LinkedIn – 2%


    DHL – 2%


PayPal and DHL Make a Comeback as Cybercriminals Broaden Their Targets

After several quarters off the list, PayPal and DHL have re-entered the global top 10, ranking 6th and 10th, respectively.

Their return reflects cybercriminals' growing focus on financial services and logistics platforms—domains where trust and urgency can be easily manipulated to maximise the success of phishing attempts.

Check Point researchers uncovered a fraudulent DHL website (dhl-login-check[.]org) that mirrored the courier's official login page and tricked users into entering login and email credentials, phone numbers, and home addresses. For victims, the experience would appear routine, just another package-tracking sign-in, until their personal data was quietly harvested behind the scenes.

image.png

In a similar case, Check Point Research identified another masquerading PayPal phishing site (paypal-me[.]icu) which promised fake rewards using social engineering tactics, luring users into revealing sensitive information including passwords, login credentials, and credit card details. 

By blending the familiar look and feel of trusted brands with emotional triggers like urgency or reward, attackers continue to blur the line between legitimate and fraudulent online experiences.

A screenshot of a computer AI-generated content may be incorrect.Continued Focus of Sector Attacks on Technology Organisations

The Technology sector maintained its position as the most targeted industry in Q3 2025, followed by social networks and retail, underscoring how attackers continue to exploit the digital services people depend on every day, including heavily-used e-commerce and professional sites. As we enter the big shopping season, it is expected to see an increase in such phishing scams across the travel and logistics services, with hackers exploiting users' trust during the coming holiday season.  

Follow Check Point via:  

LinkedIn: https://www.linkedin.com/company/check-point-software-technologies  

X: https://www.twitter.com/checkpointsw  

Facebook: https://www.facebook.com/checkpointsoftware  

Blog: https://blog.checkpoint.com  

YouTube: https://www.youtube.com/user/CPGlobal  

About Check Point Research  

Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyses global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooprating with other security vendors, law enforcement and various CERTs. 

About Check Point Software Technologies Ltd.   

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organisations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. The comprehensive platform includes cloud-delivered technologies consisting of Check Point Harmony to secure the workspace, Check Point CloudGuard to secure the cloud, Check Point Quantum to secure the network, and Check Point Infinity Core Services for collaborative security operations and services. 

 

Legal Notice Regarding Forward-Looking Statements  

This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding future growth, the expansion of Check Point's industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialise, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2024. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law. 

OpenAI pauses video generations of MLK Jr
18th Oct 2025
Amazon’s ring to partner with Flock
18th Oct 2025
Apple makes upgrades with new M5 chip
17th Oct 2025
You can now text Spotify’s DJ
17th Oct 2025
Threads is getting group chats
17th Oct 2025
Robotaxi service to launch in London
17th Oct 2025
Meta partners with Arm
17th Oct 2025
Airbound to build rocket-like drones
16th Oct 2025
Spotify expands parent-managed accounts
16th Oct 2025
Microsoft Accounts for 40 per cent of Attacks
16th Oct 2025
IG to show PG-13 content by default
16th Oct 2025
Chrome silences those pesky notifications
16th Oct 2025
World's 1st AI Public Servant Unveiled
14th Oct 2025
Vivo X300 Pro launches
14th Oct 2025
Apple says goodbye to the Clips app
14th Oct 2025
More Technology