Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed that over 75% of all phishing emails are targeting users of PayPal or eBay.
Experts at SophosLabs™ scanned all phishing email messages received in the company's global network of spam traps during 2006, and have revealed that 54.3% were attempting to steal information from users of PayPal. The second most common targets, at 20.9%, were users of the eBay online auction service.
Typically phishing emails point recipients to a bogus website which looks like the real PayPal or eBay site, but is designed to steal usernames and passwords. Once hackers have stolen login details they can use the information to commit crimes such as identity fraud, leaving victims with a financial burden.
"The reason why the phishers focus so much on PayPal and eBay is because they are so popular around the world. Although bank customers do also suffer from phishing attacks, they tend to be less likely to have the global reach that these net giants have," said Graham Cluley, senior technology consultant for Sophos. "PayPal and eBay have worked hard to educate and protect their customers from these kind of attacks, but the best solution is for computer users to be more savvy about securing their identity in the first place, and think before they click."
A recent phishing email targeting users of eBay.
PayPal and eBay, like Sophos, are members of the Anti-Phishing Working Group (APWG), an organization dedicated to wiping out internet scams and fraud. The companies have published tutorials on how to spot phishing emails:
Research issued earlier this year by Sophos revealed that 58% of people receive at least one phishing email every day. Sophos recommends that companies protect their computers with a consolidated solution to defend against spam, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.