The tradition, which wants popular brands to be systematically targeted by cybercriminals, confirmed the elements of the 1st quarter of 2025. In practice, digital crime continued to exploit the growing use of popular brands to steal sensitive personal and financial data.

According to Check Point Research’s latest report, phishing attacks on the 1st quarter of 2025 remained alarmingly targeted, with Microsoft remaining undisputed leader in the list of brands, most affected. However, a return, which is of interest, is that of Mastercard, which regains its position in the Top 10, enhancing the importance of security in the financial services.

Microsoft on top of brands who fell victim phishing in the first quarter of 2025

In the 1st quarter of 2025 it reveals that phishing attacks remain a serious threat to users and businesses, with large brands such as Microsoft, Google and Mastercard, being the main victims. Cyber ​​-security experts find that cyberspace criminals continue to evolve their tactics, using false pages and fraudulent areas to mislead users and steal personal data.

“The best defense for users remains constant vigilance and the application of strong security measures to protect them from these dangerous threats”, The check Point Research (CPR) reports.

Top goals

The new “brand phishing” ranking for the 1st quarter of 2025 shows that Microsoft remains the top target of electronic fishing for this time, with 36% of all attacks targeting the company’s brand. Google is in second place with 12%, while Apple ranks in the third with 8%.

Particularly interesting is Mastercard’s return to the top of the rankings, taking fifth place for the first time from the 3rd quarter of 2023, indicating the increasing focus in financial sectors as a target for online scams.

The technology sector

Technology and social networks remain the most targeted fields for phishing attacks. Large technology companies, such as Microsoft, Google and Apple, are at the heart of attacks, while retailing and social networking platforms, such as Facebook, LinkedIn and Whatsapp, remain attractive.

“Cyberspace criminals take advantage of the daily use of these services to seduce unsuspecting victims on false websites that resemble official platforms, thus stealing personal data and sensitive information”, The check point reports.

As he points out, “Continuous increased targeting in large brands proves the need for enhanced security measures, especially when it comes to services handling sensitive users’ data.” And ends: “Users must be extremely careful, especially when they interact with websites, which relate to their personal or financial information.”