A strong brand is usually an asset, but PayPal probably wishes its brand was less well known among cybercriminals. Phishing fraudsters who attempt to trick users into revealing their confidential consumer data in order to commit cybercrimes put PayPal at the top of their list when it comes to attacks on e-payment systems.
Kaspersky Lab today released results from its study, Financial Cyber Threats in 2013, which found that about one third (31.45 percent) of phishing attacks targeted online financial institutions including, banks, online stores and e-payment systems.
Of those financial phishing attacks, 70.6 percent used fake bank webpages to acquire confidential user information and steal money from bank accounts, showing the strong trend of cyber criminals exploiting online financial services.
Among attacks on e-payment systems, almost 90 percent of phishing attacks fell on one of five international brands: PayPal, American Express, MasterCard International, Visa or Western Union. The amount of attacks on PayPal reached 44.12 percent, earning it the dubious distinction of being the leading brand exploited in e-payment system attacks.
The report also showed cybercriminals exploiting the names of online stores in phishing scams. For several years in a row, Amazon.com has been the most popular. Over the reported period, Amazon was used in 61 percent of phishing attacks in this category. Other brands that were used, included Apple (12.89 percent) and eBay (12 percent).
Victims of attacks are not only English-speaking users but also people who speak Chinese, Spanish, Portuguese, and several other languages. The Chinese online store Alibaba (4.34%) is becoming increasingly attractive for scammers. In 2013 it was joined by another Chinese online store – Taobao (1.26%) (also owned by Alibaba). Almost 3% of all attacks on online stores fell on MercadoLibre.com, a South American version of eBay.
Kaspersky Lab found phishing scams overall were up over 2 percent last year.