informa
/
Perimeter
Quick Hits

eBay, PayPal Phishing Exploits Plummet

Sophos says 21 percent of phishing emails target eBay and PayPal, down from 85 percent last year

If you're noticing fewer fake eBay and PayPal emails in your spam filter recently, it's not your imagination. Only one in five -- rather than the previous nine out of 10 -- phishing emails currently pose as eBay and PayPal now, according to security vendor Sophos.

In September of this year, 21 percent of phishing emails were eBay and PayPal-targeted, down from 85 percent a year ago.

Turns out phishers are casting a wider net in their data-stealing attempts, going for smaller credit-card unions, online retailers, and targeting geographic areas with phishes that pose as local businesses.

Sophos credits parent company eBay's aggressive user awareness initiatives on both its site as well as PayPal's, and PayPal's authentication keyfob, which creates dynamic passwords for customers.

"PayPal and eBay are two big fish on the Internet, but hackers are finding it harder than before to steal from their millions of users because of heightened user awareness, and technology that the firms introduced to help verify if an email communication is legitimate or not," says Graham Cluley, senior technology consultant at Sophos. "This is great news, but Internet users should not relax and think the fight is over. Phishers continue to target a wide variety of organizations in their pursuit of easy money."

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Sophos plc

  • Recommended Reading:
    Editors' Choice
    Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
    Joshua Goldfarb, Director of Product Management at F5