---
title: "Latest Phishing Trends: Financial Services, Facebook, and Microsoft, the Biggest Impersonation Targets of Threat Actors | Phish Protection"
description: "Phishing remains the top method that cybercriminals use to target individuals and employees worldwide to lure them in and lead them to fake applications."
image: "https://phishprotection.com/og/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors.png"
canonical: "https://phishprotection.com/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors/"
---

Quick Answer

VadeSecure's \[latest report highlights\](https://info.vadesecure.com/en/phishers-favorites-2021-year-in-review) how financial services is the most impersonated sector today, along with Facebook and Microsoft taking the crown for the \*\*most impersonated brands\*\* by phishing criminals. It is imperative to understand the rising threat of phishing, the \[latest phishing scams\](/tags/announcements/), and how you can ensure your organization's \[protection against phishing\](/).

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flatest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Latest%20Phishing%20Trends%3A%20Financial%20Services%2C%20Facebook%2C%20and%20Microsoft%2C%20the%20Biggest%20Impersonation%20Targets%20of%20Threat%20Actors&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flatest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Flatest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flatest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors%2F&title=Latest%20Phishing%20Trends%3A%20Financial%20Services%2C%20Facebook%2C%20and%20Microsoft%2C%20the%20Biggest%20Impersonation%20Targets%20of%20Threat%20Actors "Share on Reddit") [ ](mailto:?subject=Latest%20Phishing%20Trends%3A%20Financial%20Services%2C%20Facebook%2C%20and%20Microsoft%2C%20the%20Biggest%20Impersonation%20Targets%20of%20Threat%20Actors&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Flatest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/03/anti-phishing-service-8713.jpg) 

_phishing is the most common initial attack vector ([IBM Cost of a Data Breach Report 2024](https://www.ibm.com/reports/data-breach)) that cybercriminals use to target individuals and employees worldwide_ to lure them in and lead them to fake applications, websites, and payment portals to steal information and hard-earned money.

VadeSecure’s [latest report highlights](https://info.vadesecure.com/en/phishers-favorites-2021-year-in-review) how financial services is the most impersonated sector today, along with Facebook and Microsoft taking the crown for the **most impersonated brands** by phishing criminals. It is imperative to understand the rising threat of phishing, the [latest phishing scams](/tags/announcements/), and how you can ensure your organization’s [protection against phishing](/).

### Key Statistics

Nearly **184,977 phishing emails** and websites analyzed by Vade in 2021 revealed that:

- The most impersonated social media platform is Facebook, used in **14% of phishing pages**.
- The most impersonated corporate brand is **Microsoft, at 13%**.
- The most impersonated sector is _Financial Services, at a substantial 35%, followed by social media at 24%, and Cloud at 19%._
- Credit Agricole, the most impersonated financial service, featured on **13% of phishing websites**.
- Phishing is highest during **weekdays at 78%**, with weekends at 22%, and Tuesday topping the list with the highest [phishing attacks](/resources/evolution-of-phishing-attacks-in-pandemic-era/).

### Why Do Cybercriminals Impersonate Facebook and Microsoft for Phishing?

> “Microsoft’s built-in phishing protection in Office 365 catches the obvious attacks, but it consistently misses targeted spear phishing and zero-day threats. We see this every day - customers come to us after an incident that Microsoft Defender didn’t catch. Adding a dedicated anti-phishing layer takes five minutes and closes that gap.” - **Adam Lundrigan**, CTO, DuoCircle

Facebook is the most [widely used social media platform](https://www.statista.com/statistics/272014/global-social-networks-ranked-by-number-of-users/) with **nearly 2.89 billion** monthly active users, making it a prime impersonation brand for harming unsuspecting and innocent users worldwide. Facebook phishing is carried out by malicious actors via emails impersonating Facebook, **fake security alerts** for password reset recommendations, and post links that redirect to phishing login pages for stealing Facebook account credentials. Cybercriminals can use these credentials to carry out malicious activities, access confidential data and personal information, [social engineering](/resources/protection-against-social-engineering-phishing-and-ransomware/), impersonation, and target friend accounts.

Microsoft is the go-to for businesses worldwide owing to its affordable, secure, adaptable, collaborative, and popular services. [Microsoft phishing attacks](/blog/latest-phishing-campaign-targeting-microsoft-proves-multi-factor-authentication-risky-organizations/) were more sophisticated with automated tools that rendered official corporate logos and images into Microsoft **phishing pages** with links explicitly designed to work if the particular victim received it, causing them to become inactive for regular users. Cybercriminals validated the targeted individuals utilizing APIs (Application Programming Interface) and user email addresses.

![Anti phishing service](https://media.mailhop.org/phishprotection/images/2022/03/anti-phishing-service-8713.jpg) 

### What Makes Financial Services Prime Targets for Phishing?

_The financial services sector is a prime target for phishing by malicious actors owing to the significant opportunity of substantial monetary gains_. The rise in impersonation of financial services was boosted by Covid-19, with organizations and individuals **worldwide rushing for loans** from federal-backed banks and credit unions. Financial institutions are returning to standard procedures, with loans and payments becoming active after the expiration of deadlines.

_Cybercriminals have a new opportunity to scam and exploit businesses struggling with finances_. Financial Institutions are enticing targets for malicious actors as they have a lot of confidential customer information and bank account details. Moreover, the impersonation of financial services with [phishing links](/blog/phishing-attacks-are-no-longer-just-malicious-links-in-emails/) and payment portals can trick many individuals into submitting payments for dues.

### Latest Phishing Scams

Phishing attacks impersonating major brands is not the only revelation of the report, which highlights the [latest phishing scams](/tags/announcements/), which are:

- \*\* \*\* **COVID-19 themed phishing**\*\*:\*\* The year also saw business email accounts receive millions of [pandemic phishing emails](/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times/) every month, with Vaccine Messages, Vaccine Survey Responses, and Survey Confirmations as the primary subject of the emails. These _covid phishing emails were sophisticated enough to bypass detection_ and employed the usage of random noises in the text concealed under images to avoid **email filters**. The phishing links also featured the usage of famous and known domains that required an account setup, tricking you into paying delivery charges for receiving a prize when visiting the phony website.
- **Tech support:** Phishers are also using technical support emails, targeting individuals working from home. These [technical support phishing emails](/blog/latest-tech-support-scams-involving-phishing-attacks/) were harder to suspect as they featured a phone number instead of an email. The email instructed individuals to call on the phone to renew or cancel their subscriptions, thereby baiting them. Once they reached the number, the cybercriminal on the other side of the call instructed them to install remote desktop access software on their devices and deploy malware or additional malicious tools on the innocent victim’s systems by convincing them of the presence of viruses and malware and the need for a solution.

However, this was the first wave of technical support **phishing scams** that later transformed into Apple and Amazon impersonation emails containing fake invoices of massive purchases, provided with a phishing phone number for cancellation or assistance.

![Key Statistics on Phishing Trends](https://media.mailhop.org/phishprotection/images/2022/03/Key-Statistics-on-Phishing-Trends.jpg) 

### Defending Against Phishing Attacks

The report has made it clear that _cybercriminals are continuously changing their tactics to dupe you out of critical information and finances_. However, you can fight back and defend against this latest COVID and technical support phishing, and other all kinds of [phishing scams](/blog/the-latest-phishing-scams-hackers-can-bypass-two-factor-authentication/) by:

- \*\* \*\* **Automated Protection Tools:** AI (Artificial Intelligence) plays a significant role against phishing with specialized algorithms that can identify [spear-phishing attack](/blog/deal-with-recent-trends-in-spear-phishing-attacks/) traits and even detect evasive tactics employed by threat actors.
- **Staff Training:** Organizations should invest in [staff training](/products/phishing-awareness-training/) to help them understand the risks of phishing and privy them to the latest **phishing tactics** and how to avoid them for the best [anti-phishing services](/blog/get-an-insight-on-various-types-of-anti-phishing-services/).
- **Identification:** Sophisticated attacks might not be caught by the human eye, but you can quickly identify other spear-phishing emails, phishing websites, and scams as they feature grammatical errors or unknown domain names in the links.
- **Natural Language Processing (NLP) tools:** Along with AI and machine learning algorithms to detect odd emails, NLP can detect phishing emails via the association of common flag words in spear-phishing emails.
- **Learning tell-tale signs:** You should also educate yourself to the tell-tale signs that a phishing email includes, such as grammatical errors, requests for personal information, unsolicited services or subscriptions, the difference in sender email and signature, multiple recipients of the email, and the emails general content instead of addressing your name.

### Final Words

The latest phishing report has made it clear that _cybercriminals are evolving their techniques to dupe innocent individuals and organizations with sophisticated phishing campaigns_ for robbing them of personal information and finances. You can [defend against phishing](/) attacks by following the methods mentioned above. Furthermore, staying alert while opening unsolicited emails ensures better protection, so a simple click does not cause significant losses.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Latest Phishing Trends: Financial Services, Facebook, and Microsoft, the Biggest Impersonation Targets of Threat Actors","description":"Phishing remains the top method that cybercriminals use to target individuals and employees worldwide to lure them in and lead them to fake applications.","url":"https://phishprotection.com/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors/","datePublished":"2022-03-14T11:44:53.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-03-14T11:44:53.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors/"},"articleSection":"foundational","keywords":"Phishing","wordCount":1060,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/03/anti-phishing-service-8713.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Latest Phishing Trends: Financial Services, Facebook, and Microsoft, the Biggest Impersonation Targets of Threat Actors","item":"https://phishprotection.com/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors/"}]}
```