This blog originally appeared in March 2021 on the Area 1 Security website, and was issued in advance of Cloudflare's acquisition of Area 1 Security on April 1, 2022. Learn more.
Well America, it’s back! That glorious time of year that has everyone asking, “Is Gonzaga actually for real this time? Have we learned nothing?!” Yes that’s right, March Madness is back!
After a LONG and hard 2020, it’s beginning to look a little more normal these days. Nothing signals normal like the return of March Madness! We can finally have the thrill and gut punching heartbreak of busted brackets, 15-seed upsets, and those weird bragging rights of “I called that upset, I just didn’t put it down on my bracket…”
We at Area 1 have been doing our own Phishing brackets over the past five years. We took a hiatus in 2020 (as did the NCAA), so today, we proudly introduce the 5th Annual March Hackness: The Phishing Tournament.
In creating their Phishing campaigns, attackers take advantage of a simple idea - Trust. Nothing speaks to that more than the brands that everyone knows and loves and interacts with in their everyday lives or see in the headlines.
We’ve analyzed over 500 different organizations — across multiple divisions (aka industries) — that have been spoofed in more than 22 million Phishing messages over the past year. From there, we’ve identified the Top 64 companies whose brands have become the go-to lures for Phishing campaigns.
Although March Madness took last year off due to the COVID-19 pandemic, attackers sure didn’t. (Just see some proof here, and here, and here…)
And now…
(Prepares best Dick Vitale voice possible) …
WE’RE BACK AT IT BABY! OH AMERICA, ARE YOU SERIOUS? IT’S AWESOME BABY!
Wow, that takes a ton of energy to pull off!
With Area 1’s March Hackness tournament, you’ll get to see who is the latest Cinderella story to come out of nowhere and disrupt the typical “Power 5” technology brands that typically dominate the Phishing world. (Here’s looking at you PayPal, our previous 2019 champion).
Let’s see what a difference a year makes in the world of Phishing.
I’m excited, you get excited!
EVERYONE ON THEIR FEET!
LET’S SEE THAT BRACKET BABY!
Some fast break takeaways for this year’s March Hackness?
We see some (unfortunate) new players in the space this year: themes around COVID-19 made a strong impact on our Top 64 bracket.
For example, newcomers like the World Health Organization and Centers for Disease Control make appearances for the first time, as well as pharmaceutical sweethearts, Moderna.
Our typical heavy hitters are still accounted for, like Microsoft, Google, Facebook, and PayPal. However, how well will they survive the tournament? Can they make it to the championship?
Tune in soon to find out who cuts down the nets to evade detection in this year’s tournament!