The Cloud Threats Memo is a weekly series from Paolo Passeri, digging into a recent cloud threat and highlighting how Netskope can best help mitigate it.
The Anti-Phishing Working Group has recently released its Q4 Phishing Trends Report 2020, which analyzes the top phishing attacks and other identity theft techniques, as reported by the members of the group.
The latest edition brings an important change: according to the APWG data, in Q4 2020 “SaaS/Webmail” was no longer the most targeted sector, sliding to number two with 22.2% (from 31.4% in Q3 2020), and it was overtaken by “Financial Institutions” with 22.5% (from 19.2% in Q3 2020).
Despite this apparent decrease, SaaS/Webmail services are still top-of-mind for threat actors. A similar recent report released by Check Point saw, unsurprisingly, Microsoft leading the pack of the most impersonated brands in Q4 2020 with a whopping 43%. And Microsoft it’s not the only cloud service in the top ten, given that Linkedin (another brand of the Microsoft galaxy), and Google also appear in the top ten at number three (6%) and seven (2%), respectively. Interestingly, this report places Technology at the