Cyber criminals are sticking with familiar names, and Microsoft remains their favorite disguise.
According to Check Point Research’s Brand Phishing Report for Q3 2025, Microsoft accounted for 40% of all brand impersonation attempts this quarter, holding its place as the most targeted company worldwide.
Familiar Tech Brands Continue to Lead
The dominance of major tech players in phishing campaigns shows no sign of slowing. Google ranked second with 9% of all brand-related phishing attempts, followed by Apple at 6%. Together, these three tech giants represented more than half of all phishing activity during the quarter.
The technology sector was the most impersonated overall, followed by social networks and the retail industry, highlighting how attackers continue to exploit digital services people rely on every day.
PayPal and DHL Make a Comeback
After several quarters off the list, PayPal and DHL have re-entered the top ten, ranking 6th and 10th, respectively. Their return reflects a renewed focus among cyber criminals on financial platforms and shipping services, areas where trust and urgency can be easily manipulated.
Top 10 Most Imitated Brands — Q3 2025
- Microsoft – 40%
- Google – 9%
- Apple – 6%
- Spotify – 4%
- Amazon – 3%
- PayPal – 3%
- Adobe – 3%
- Booking – 2%
- LinkedIn – 2%
- DHL – 2%
DHL Impersonation: The Perfect Delivery Trap
Check Point researchers recently discovered a fake website hosted at dhl-login-check[.]org, built to mimic DHL’s legitimate login page down to the logo and layout. The site’s purpose was clear: to create a convincing façade that encouraged users to enter their login credentials, email addresses, phone numbers, and home addresses.
For victims, the experience would appear routine, just another package-tracking sign-in, until their personal data was quietly harvested behind the scenes.
Fraudulent DHL page
PayPal Phishing: Exploiting Trust for Profit
In a similar case, Check Point Research identified another phishing site at paypal-me[.]icu, masquerading as an official PayPal service. The attackers used social engineering tactics to promise fake rewards, luring victims to click and provide login credentials, passwords, and even credit card details.
By blending the familiar look and feel of trusted brands with emotional triggers like urgency or reward, attackers continue to blur the line between legitimate and fraudulent online experiences.
Fraudulent PayPal page
How to Stay Protected from Phishing in 2025
With phishing tactics becoming more targeted and deceptive, it is essential to stay ahead of attackers. Here is how users and organizations can reduce their risk:
- Enable Multi-Factor Authentication (MFA) on all accounts to add a critical layer of security beyond passwords.
- Inspect URLs and email senders carefully before clicking or submitting personal information, even if the message appears to come from a trusted brand.
- Educate employees through regular phishing awareness training to help them spot deceptive emails and fake login pages.
- Deploy advanced protection, such as Check Point Harmony Email, which uses AI to block phishing emails before they reach the inbox.
Phishing continues to evolve, but awareness, verification, and layered defense remain the most effective tools against it.