By A surge in phishing scams has put some of the world’s biggest tech brands, including Microsoft, Google, and Apple, at the top of criminals’ hit list, according to a fresh report from Check Point Research.
The new findings show that between April and June 2025, Microsoft was impersonated in 25% of phishing attempts globally, making it the most targeted brand for cybercriminals. Google followed in second place with 11%, while Apple was third at 9%.
Spotify, which hadn’t appeared among the top 10 since 2019, made a striking comeback with 6% of attacks, as scammers shifted their focus toward entertainment and subscription services. Other brands caught in the web included Adobe, LinkedIn, Amazon, Booking.com, WhatsApp, and Facebook.
Phishing is a type of cyberattack where fraudsters disguise themselves as trustworthy organisations to trick people into sharing confidential details like passwords and bank information. Attackers send fake emails or create bogus websites that look nearly identical to real login or payment pages.
According to Check Point, technology companies are the most impersonated industry sector. Nigerians who work or study using Microsoft 365, Google Workspace, or similar platforms face increased risk. Attackers target these brands because so many people rely on them daily, making it easier to fool victims into clicking suspicious links or entering sensitive information.
Spotify’s return to the top 10 highlights a growing trend. More people are using digital entertainment, so attackers are following where the users are. In one campaign, criminals set up a fake Spotify login page. When users entered their details, they were redirected to a counterfeit payment page that tried to collect their credit card data.
Phishing scams related to travel also spiked in the last quarter, with Booking.com-themed domains seeing a sharp increase, over 700 such domains were created, often mimicking real communications by including users’ actual names and booking details. These personalized ploys heightened urgency and made the scams more convincing, showing just how sophisticated phishing attacks have become.
“Cybercriminals continue to exploit the trust users place in well-known brands. The resurgence of Spotify and the surge in travel-related scams, especially during the Northern Hemisphere’s holiday season, show how phishing attacks are adapting to user behaviour and seasonal trends” – Omer Dembinsky (Data Research Manager at Check Point Software).
Experts recommend that organisations should boost their email security, train their staff, and use multi-factor authentication. Individuals should think twice before clicking links or entering passwords, especially if the message seems urgent or unfamiliar.
Phishing attacks are evolving. The more we depend on digital brands, the more we need to stay aware and protect ourselves.
We’d love your thoughts on this article! Was the information relevant to you?
