Subscribe to receive notifications of new posts:

Annual March Hackness: The Opener — What a Difference a Year Makes in the World of Phishing Attacks

2021-03-22

2 min read

This blog originally appeared in March 2021 on the Area 1 Security website, and was issued in advance of Cloudflare's acquisition of Area 1 Security on April 1, 2022. Learn more.

Well America, it’s back! That glorious time of year that has everyone asking, “Is Gonzaga actually for real this time? Have we learned nothing?!” Yes that’s right, March Madness is back!

After a LONG and hard 2020, it’s beginning to look a little more normal these days. Nothing signals normal like the return of March Madness! We can finally have the thrill and gut punching heartbreak of busted brackets, 15-seed upsets, and those weird bragging rights of “I called that upset, I just didn’t put it down on my bracket…”

We at Area 1 have been doing our own Phishing brackets over the past five years. We took a hiatus in 2020 (as did the NCAA), so today, we proudly introduce the 5th Annual March Hackness: The Phishing Tournament.

In creating their Phishing campaigns, attackers take advantage of a simple idea - Trust. Nothing speaks to that more than the brands that everyone knows and loves and interacts with in their everyday lives or see in the headlines.

We’ve analyzed over 500 different organizations — across multiple divisions (aka industries) — that have been spoofed in more than 22 million Phishing messages over the past year. From there, we’ve identified the Top 64 companies whose brands have become the go-to lures for Phishing campaigns.

Although March Madness took last year off due to the COVID-19 pandemic, attackers sure didn’t. (Just see some proof here, and here, and here…)

And now…

(Prepares best Dick Vitale voice possible)

WE’RE BACK AT IT  BABY! OH AMERICA, ARE YOU SERIOUS? IT’S AWESOME BABY!

Wow, that takes a ton of energy to pull off!

With Area 1’s March Hackness tournament, you’ll get to see who is the latest Cinderella story to come out of nowhere and disrupt the typical “Power 5” technology brands that typically dominate the Phishing world. (Here’s looking at you PayPal, our previous 2019 champion).

Let’s see what a difference a year makes in the world of Phishing.

I’m excited, you get excited!

EVERYONE ON THEIR FEET!

LET’S SEE THAT BRACKET BABY!

Some fast break takeaways for this year’s March Hackness?

  • We see some (unfortunate) new players in the space this year: themes around COVID-19 made a strong impact on our Top 64 bracket.

  • For example, newcomers like the World Health Organization and Centers for Disease Control make appearances for the first time, as well as pharmaceutical sweethearts, Moderna.

  • Our typical heavy hitters are still accounted for, like Microsoft, Google, Facebook, and PayPal. However, how well will they survive the tournament? Can they make it to the championship?

Tune in soon to find out who cuts down the nets to evade detection in this year’s tournament!

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
Email SecurityCloud Email SecurityCloudflare Zero TrustSecuritySpoofing

Follow on X

Cloudflare|@cloudflare

Related posts

October 23, 2024 1:00 PM

Fearless SSH: short-lived certificates bring Zero Trust to infrastructure

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...

October 15, 2024 1:00 PM

Protect against identity-based attacks by sharing Cloudflare user risk scores with Okta

Uphold Zero Trust principles and protect against identity-based attacks by sharing Cloudflare user risk scores with Okta. Learn how this new integration allows your organization to mitigate risk in real time, make informed access decisions, and free up security resources with automation....