eBay, PayPal Phishing Exploits Plummet

Sophos says 21 percent of phishing emails target eBay and PayPal, down from 85 percent last year

Dark Reading Staff, Dark Reading

October 16, 2007

1 Min Read

If you're noticing fewer fake eBay and PayPal emails in your spam filter recently, it's not your imagination. Only one in five -- rather than the previous nine out of 10 -- phishing emails currently pose as eBay and PayPal now, according to security vendor Sophos.

In September of this year, 21 percent of phishing emails were eBay and PayPal-targeted, down from 85 percent a year ago.

Turns out phishers are casting a wider net in their data-stealing attempts, going for smaller credit-card unions, online retailers, and targeting geographic areas with phishes that pose as local businesses.

Sophos credits parent company eBay's aggressive user awareness initiatives on both its site as well as PayPal's, and PayPal's authentication keyfob, which creates dynamic passwords for customers.

"PayPal and eBay are two big fish on the Internet, but hackers are finding it harder than before to steal from their millions of users because of heightened user awareness, and technology that the firms introduced to help verify if an email communication is legitimate or not," says Graham Cluley, senior technology consultant at Sophos. "This is great news, but Internet users should not relax and think the fight is over. Phishers continue to target a wide variety of organizations in their pursuit of easy money."

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights