Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), announced its Brand Phishing Report for Q3 2025. The report revealed a sharp increase in brand impersonation attacks targeting users’ trusted digital services. Microsoft remained the most exploited brand, appearing in 40% of all phishing attempts worldwide.

The findings showed that Google (9%) and Apple (6%) ranked second and third, with these three tech giants accounting for more than half of all phishing activity. PayPal and DHL also re-entered the global top 10, ranking 6th and 10th, reflecting a growing attacker focus on digital payments and logistics services.

Omer Dembinsky, Data Research Manager at Check Point Software, reported that phishing has evolved beyond misspelled emails and fake login pages. “It is now AI-generated, hyper-personalized, and deeply deceptive,” he said. “With Microsoft targeted in 40% of attacks, and familiar brands like PayPal and DHL making a comeback, attackers are focusing on the services users trust most. Combating this requires AI-driven security, strong authentication, and continuous user education.”

Check Point researchers discovered a fraudulent DHL site (dhl-login-check[.]org) mimicking the official login page, tricking users into sharing credentials and personal data. Similarly, a fake PayPal website (paypal-me[.]icu) lured victims with false rewards to capture sensitive information such as passwords and credit card details.

The Technology sector remained the most targeted in Q3 2025, followed by social networks and retail. Analysts reported that phishing scams are expected to rise during the holiday season, particularly across travel and logistics services, as attackers exploit user trust.

Key points:

• Microsoft, Google, and Apple top brand phishing attacks in Q3 2025.
• PayPal and DHL return to top 10, signaling wider attacker focus.
• Phishing is increasingly AI-driven, personalized, and deceptive.

Related post

View all