Microsoft, Google, Apple face phishing onslaught in Q2 2025

A new report by Check Point Research, the Threat Intelligence division of Check Point Software Technologies Ltd., has revealed a troubling surge in brand impersonation attacks, with Microsoft, Google, and Apple among the top targets of phishing campaigns in the second quarter of 2025.

According to the report, Microsoft was the most impersonated brand between April and June 2025, accounting for 25 percent of all global phishing attempts. Google followed with 11 percent, while Apple secured the third position with 9 percent of phishing incidents. The findings highlight an ongoing pattern where cybercriminals exploit user trust in leading tech brands to carry out identity theft and financial fraud.

The findings also noted that Spotify returned to the top 10 most impersonated brands for the first time since the fourth quarter of 2019. It ranked fourth, responsible for six percent of phishing activities in the period under review. Other frequently impersonated names included Adobe, LinkedIn, Amazon, Booking.com, WhatsApp, and Facebook, confirming that both technology and consumer platforms remain prime targets for threat actors.

Check Point explained that the technology sector continues to be the most impersonated industry, with attackers leveraging users’ reliance on software, cloud-based platforms, and digital authentication services to access sensitive data. By mimicking trusted brands, cybercriminals aim to steal login credentials, credit card numbers, and other private user information.

One of the standout phishing campaigns during the quarter targeted Spotify users. Attackers created a fraudulent login page that replicated the authentic Spotify interface. Upon submitting their login credentials, victims were redirected to a fake payment portal designed to extract credit card details. This attack underscores a growing shift toward entertainment and subscription-based services, reflecting the expanding digital lifestyle of global users.

The travel industry was also hit hard during the quarter, with a notable spike in phishing activity linked to Booking.com. More than 700 phishing domains mimicking Booking.com were registered in Q2 2025. Many of these sites used formats such as “confirmation-id**.com” and embedded real user information, including names and contact details, to lend credibility and urgency to the fraudulent messages. These tactics illustrate a broader evolution in phishing techniques, where attackers now rely on data-driven personalisation to boost the effectiveness of their scams.

Commenting on the findings, Omer Dembinsky, data research manager at Check Point Software, noted: “Cybercriminals continue to exploit the trust users place in well-known brands. The resurgence of Spotify and the surge in travel-related scams, especially during the Northern Hemisphere’s holiday season, show how phishing attacks are adapting to user behavior and seasonal trends.”

While the phishing campaigns are global in scope, Nigerian users, both individuals and organisations, are not exempt from these threats. The widespread adoption of platforms such as Microsoft Office 365, Google Workspace, Facebook, WhatsApp, and Spotify in Nigeria has increased exposure to phishing attempts.

While these platforms provide valuable tools for communication and business growth, they are equally being exploited by malicious actors to carry out identity theft and online fraud.

Despite ongoing investments in artificial intelligence, automated filters, and human moderators by these tech giants to detect and remove harmful content, phishing scams persist. Attackers continuously evolve their methods, slipping through platform defenses and targeting unsuspecting users with sophisticated bait.

The consequences are far-reaching. Phishing scams targeting well-known brands pose direct threats to corporate data integrity and the financial security of individuals. Businesses risk data breaches and reputational damage, while individual users may suffer financial losses or compromised social media accounts.

In light of these developments, cybersecurity experts urge organisations to bolster their defenses by implementing multi-layered security protocols. These include advanced email protection systems, multi-factor authentication (MFA), and comprehensive employee training programs focused on recognising phishing attempts.

Likewise, individuals are advised to exercise caution when interacting with unsolicited emails, especially those requesting login credentials or payment details. Suspicious links, urgency-driven messages, and unfamiliar email addresses should be treated with skepticism.

Phishing remains one of the most prevalent and effective tools in the cybercriminal playbook. As threat actors become more strategic, capitalising on brand trust, digital behaviors, and seasonal trends, heightened vigilance and continuous cybersecurity awareness are essential to safeguarding digital assets and personal information.
