The latest Brand Phishing Report for Q2 2025 from Check Point Research reveals that Microsoft remains the number one brand targeted by cybercriminals, accounting for 25% of all phishing attempts. Google follows at 11%, and Apple at 9%. Notably, Spotify reappears in the top 10 for the first time since late 2019, ranking fourth with 6% of impersonation activity.
The report highlights a significant surge in fraudulent domains linked to Booking.com, with over 700 new domains registered under formats like confirmation-id***.com*—a staggering 1000% increase since the start of the year. Many of these sites use real user data such as names and contact info to boost credibility and urgency, reflecting a growing sophistication in phishing tactics.
The whole list of top phishing brands in the second quarter of 2025 looks like this:
- Microsoft (25%)
- Google (11%)
- Apple (9%)
- Spotify (6%)
- Adobe (4%)
- LinkedIn (3%)
- Amazon (2%)
- Booking (2%)
- WhatsApp (2%)
- Facebook (2%)
Cybercriminals are adapting their strategies to seasonal trends and user behavior, especially targeting travel-related services ahead of summer and school vacations. The technology sector continues to be the hardest hit, followed by social media and retail industries.
Fake Spotify login page.
One of the quarter’s most notable phishing campaigns focused on Spotify users. Attackers created a convincing fake login page hosted at a suspicious URL mimicking the official Spotify site. After entering credentials, victims were redirected to a fraudulent payment page designed to steal credit card information.
Need for awareness
Omer Dembinsky, Head of Data Research at Check Point Software, points out that attackers exploit the trust users place in well-known brands. He emphasizes that education, awareness, and strong security controls remain critical in reducing phishing risks.
Other brands in the top ten impersonated list include Adobe, LinkedIn, Amazon, Booking.com, WhatsApp, and Facebook. The report draws on data from Check Point’s ThreatCloud AI platform, the world’s largest collaborative cybersecurity intelligence network.
For entrepreneurs and businesses, the report underscores the need for vigilance in protecting digital assets and customer data, especially during periods of increased online activity and seasonal spikes in phishing campaigns.
