Microsoft, PayPal and Google Top Brands Targeted by Phishing Campaigns, According to Comodo Cybersecurity Global Threat Report

Hacking democracy efforts continue with disturbing upticks in malware deployments leading up to major national elections

CLIFTON, N.J., Dec. 12, 2018 (GLOBE NEWSWIRE) -- Comodo Cybersecurity, a global leader in threat intelligence and malware cyber defense, today announced the release of the company’s Global Threat Report 2018 Q3, offering unique insights from Comodo Threat Research Lab experts into key cyberthreat trends and the impact of malware on elections and other geopolitical events.

Email phishing remains the most common method of attack. Highlights in the latest quarter include:

  • Phishing represents one of every 100 emails received by enterprises
  • The dubious distinction of the most frequently targeted brands by phishing in the quarter went to Microsoft (19%), PayPal (17%) and Google (9.7%)
  • Top three phishing emails ranked by subject line were:
    • “Your account will be locked” – PayPal (40%)
    • “Info” – FedEx (10%)
    • “August Azure Newsletter” – Microsoft (8%)
  • The US ranked No. 1 for both hosting of phishing sites (65%) and country of origin (36%)
  • Phishing URLs are gaining in popularity, representing 40% of the total, although infected attachments remain the majority at 60%

Researchers cited one phishing email as representative of the uptick in quality, making it harder for users to identify the risk. An email purporting to be a survey regarding Microsoft Azure’s newsletter sported an authentic looking URL and logo, and did not have the telltale grammar or spelling errors that often give away phishing emails. Anyone clicking on the “Take the survey” button was sent to a malware-laden webpage to covertly infect them, except for Comodo Cybersecurity clients who were protected from day zero.

Hacking Democracy and Malware in Conflict Zones

The Comodo Q3 report also reveals disturbing upticks in malware deployment leading up to major national elections. Comodo Cybersecurity researchers document the impact of malware on elections in Russia, Turkey, Mali, Sierra Leone, Azerbaijan and Columbia. The report also highlights the compelling correlations of malware detection leading up to and immediately following geopolitical crises – events in the Syria civil war, the ongoing machinations around the Iran nuclear weapons agreement, the Israel-Palestine conflict and the military operations of Saudi Arabia against Yemen.

“These correlations clearly stand out in the data, beyond the realm of coincidence,” said VP of Comodo Cybersecurity Threat Research Labs, Fatih Orhan. “It is inescapable that state actors today employ malware and other cyberthreats as both extensions of soft power and outright military weapons, as do their lesser-resourced adversaries in asymmetric response.”

About Comodo Global Threat Reports

Comodo Cybersecurity collects comprehensive threat statistics and gleans trends from data delivered from the company’s global installed base of more than 100 million protected endpoints, including deployments in Iran, North Korea, China and Russia, as well as world financial and technical centers such as Berlin, London, Paris, New York, São Paulo, Seoul, the Silicon Valley, Tokyo and Washington DC.   Every week, Comodo processes over 1.4 billion files, with over 28 million containing malware. In the millions of emails inspected every day, Comodo discovers over 50,000 with phishing links or embedded malware.

“The sheer volume of the data we collect and the maturity of Comodo tools and practices in analyzing that data, yield fresh, unexpected insights into the genesis, propagation and impact of malware worldwide,” commented Orhan. “Our quarterly Threat Reports afford us the opportunity to share our unique perspective with a global community of customers, researchers, analysts and other interested parties. As in other domains, in cybersecurity forewarned is forearmed.”

For more information and insights, download the complete Comodo Cybersecurity Global Threat Report 2018 Q3.

About Comodo Cybersecurity

In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats harmless, across the LAN, web and cloud. The Comodo One platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Comodo Cybersecurity has experts and analysts that protect 100 million endpoints and serve 200,000 customers globally. Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers worldwide. For more information, visit or our blog. You can also follow Comodo on Twitter (@ComodoDesktop) and LinkedIn.


Deb Montner, Montner PR – – (203) 226-9290