top of page
Search

The most imitated brands in phishing attacks in 2025

During the second quarter of 2025, an alarming increase in the impersonation of well-known brands to commit online fraud has been identified. According to a recent report, cybercriminals continue to exploit users' trust in popular brands to steal personal and financial information, posing a direct threat to millions of people worldwide, including Mexico.


During this period, Microsoft was once again the most used brand in phishing campaigns, involved in 25% of recorded attempts. It is followed by Google with 11% and Apple with 9%. Spotify made a surprise return to the top 10 for the first time since 2019, reaching fourth place with 6% of recorded attacks.

The most affected sector continues to be technology, followed by social media and e-commerce platforms. These data reinforce the need to strengthen cybersecurity strategies at both the individual and institutional levels.


Phishing in 2025

Real examples of phishing in 2025


One of the most striking campaigns targeted Spotify users. The attackers created a fake site that mimicked the official login portal, with a design identical to the original.


After entering their credentials, victims were redirected to a fraudulent payment page that attempted to obtain banking information.

Another notable case involved fake confirmation sites linked to Booking.com. A significant increase was detected in the registration of fraudulent domains that simulated booking confirmations, using real user data. This tactic increased the effectiveness of the scam, as it created a false sense of urgency.


What can Mexico learn from these trends?


Although the data comes from a global analysis, it represents a wake-up call for Mexico. Impersonated brands are also widely used by Mexican users, so the risk is real and close at hand. In addition, platforms such as Booking and Spotify have a large presence in the country, and impersonating them can have direct consequences for the population.


The holiday season in Mexico, especially in summer and December, could be exploited by scammers to launch similar campaigns.

Authorities, businesses, and citizens must remain vigilant, educate themselves about warning signs, and take preventive measures to avoid falling victim to this type of fraud.


Most imitated brands in phishing campaigns (Q2 2025)


  1. Microsoft (25%)

  2. Google (11%)

  3. Apple (9%)

  4. Spotify (6%)

  5. Adobe (4%)

  6. LinkedIn (3%)

  7. Amazon (2%)

  8. Booking (2%)

  9. WhatsApp (2%)

  10. Facebook (2%)


The importance of prevention in cybersecurity


The report highlights that cybercriminals are adapting their tactics based on user behavior and seasonal trends. That's why it's essential to stay informed, train staff on cybersecurity issues, and have technological tools that detect threats before they materialize.


In Mexico, digital education and awareness can make a difference. Understanding how phishing attacks work in 2025 is the first step to avoiding becoming a victim.

At Cyberpeace, we recommend staying informed about cybersecurity issues and other digital threats. Prevention and knowledge are your best allies in protecting your online identity. Want to learn more about how to protect yourself? Follow our social media channels and stay up to date on the latest digital threats.


Comments

Cyberpeace_Working table 1 copy 8.png

Cyberpeace Copyright © 2025 - All rights reserved.

TLP:WHITE

bottom of page