Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP) and a pioneer and global leader of cyber security solutions, has released its latest Brand Phishing Ranking for Q2 2025. The report outlines the brands most frequently impersonated by cybercriminals to steal sensitive personal and financial information, underscoring the persistent evolution of phishing tactics.
In Q2 2025, Microsoft retained its position as the most targeted brand, appearing in 25% of all phishing attempts. Google followed in second place with 11%, and Apple held third at 9%. In a notable development, Spotify reentered the top 10 list for the first time since Q4 2019, ranking fourth with 6% of phishing activity. The Technology sector remained the most impersonated industry, followed by Social Networks and Retail.
Omer Dembinsky, Data Research Manager at Check Point Software, commented: "Cybercriminals continue to exploit the trust users place in well-known brands. The resurgence of Spotify and the surge in travel-related scams, especially in light of summer and school holiday travel in the Northern Hemisphere, show how phishing attacks are adapting to user behavior and seasonal trends. Awareness, education, and security controls remain critical to reducing the risk of compromise."
Top 10 Targeted Brands in Q2 2025
Below are the brands most frequently targeted by phishing attacks during Q2 2025:
Q STATS 2025 Q2
| Region | Country | Weekly Attacks per Organization (Q2 2025) | YoY Change |
|---|---|---|---|
| Americas | Argentina | 2298 | +43% |
| Americas | Brazil | 2831 | +3% |
| Americas | Canada | 1368 | +23% |
| Americas | Chile | 2077 | +4% |
| Americas | Colombia | 3605 | +14% |
| Americas | Mexico | 3449 | +19% |
| Americas | United States | 1423 | +20% |
| APAC | Australia | 1701 | +19% |
| APAC | China | 1939 | +12% |
| APAC | Hong Kong | 1792 | +76% |
| APAC | India | 3217 | +0.5% |
| APAC | Japan | 1170 | -16% |
| APAC | New Zealand | 1927 | +43% |
| APAC | Korea | 1014 | +24% |
| APAC | Singapore | 2239 | +26% |
| APAC | Taiwan | 4055 | -0.1% |
| EMEA | Angola | 4179 | -28% |
| EMEA | Austria | 1717 | +6% |
| EMEA | Belgium | 1275 | +17% |
| EMEA | Czechia | 2293 | +10% |
| EMEA | Denmark | 1372 | +5% |
| EMEA | Finland | 1010 | -0.3% |
| EMEA | France | 1224 | +45% |
| EMEA | Germany | 1286 | +22% |
| EMEA | Greece | 1494 | +20% |
| EMEA | Ireland | 1183 | +10% |
| EMEA | Italy | 2377 | +27% |
| EMEA | Kenya | 3537 | -17% |
| EMEA | Luxembourg | 1862 | +59% |
| EMEA | Netherlands | 1144 | +50% |
| EMEA | Nigeria | 5616 | +113% |
| EMEA | Norway | 1811 | +20% |
| EMEA | Poland | 1689 | +21% |
| EMEA | Portugal | 2155 | +19% |
| EMEA | Russia | 2930 | +26% |
| EMEA | South Africa | 2169 | +50% |
| EMEA | Spain | 1950 | +36% |
| EMEA | Sweden | 1819 | +32% |
| EMEA | Switzerland | 1097 | +9% |
| EMEA | United Arab Emirates | 1938 | +25% |
| EMEA | United Kingdom | 1255 | +25% |

Phishing Campaign Impersonating Spotify
One of the most prominent phishing attacks this quarter targeted Spotify users. Cybercriminals created a malicious login page that replicated the official Spotify login experience, complete with authentic branding and design. Victims were asked to enter their usernames and passwords and were then funneled to a fake payment page that attempted to steal credit card details as well.
This campaign marks Spotify's first reappearance in the phishing top charts since Q4 2019 and underscores how entertainment services are now being exploited just as aggressively as tech platforms.
Booking.com Confirmation Scam Surge
Another major trend in Q2 was the sharp increase in Booking.com-themed phishing domains, with over 700 new domains registered using the confirmation-id****.com format. This represents a 1000% increase compared to earlier in the year.
Sample phishing domain:
Many of these domains embedded real user data, such as names and contact details, to enhance credibility and urgency. Although these sites were short-lived, they illustrate the increasing personalisation and targeting capabilities of phishing campaigns.
Industry Trends: Technology and Digital Platforms Under Siege
The Technology sector continued to dominate as the most impersonated industry in phishing attacks during Q2 2025. Tech giants like Microsoft, Google, and Apple remain prime targets due to their widespread use in authentication and productivity workflows.
Social media platforms like LinkedIn, WhatsApp, and Facebook also remained high-risk targets. The Retail and Travel sectors—including Amazon and Booking.com—were exploited by attackers seeking to capitalise on seasonal shopping and travel activity.
The Check Point Brand Phishing Ranking is published quarterly and is based on data drawn from Check Point's ThreatCloud AI platform—the world's largest collaborative cyber threat intelligence network. The report analyses phishing emails, fake websites, and impersonation attempts across multiple vectors.