eBay and PayPal prime targets for Phishers

By Steve Malone

Posted on 28 Jul 2006 at 10:39

Over 75 per cent of phishing attacks are targeted at eBay and PayPal users, according to a new study by security firm Sophos.

Data from Sophos's global network of spam traps during 2006 show that 54.3 per cent were attempting to steal information from users of PayPal. The second most common targets, at 20.9 per cent, were users of the eBay online auction service.

Typically phishing emails point recipients to a fraudulent website which looks like the real PayPal or eBay site, but is designed to convince unsuspecting visitors to hand over usernames and passwords. Once hackers have stolen login details, they can commit identity fraud and leave the victim with a hefty bill to pick up.

Graham Cluley, senior technology consultant for Sophos, explained that the reason 'phishers focus so much on PayPal and eBay is because they are so popular around the world. Although bank customers do also suffer from phishing attacks, they tend to be less likely to have the global reach that these Net giants have'.

Phishing is becoming ever more common. The Anti-Phishing Working Group's (APWG) latest figures report that phishing attempts have reached an all-time high. Earlier this year, Sophos found that up to 58 per cent of Internet users receive one phishing attempt every day. The APWG has published some advice on how to avoid becoming a victim.