Phishers move beyond eBay, PayPal

Online thieves cast a wider net to catch personal info

EBay and PayPal, once the primary lures used by phishers to trick e-mail users into giving up personal information, aren’t as popular as they used to be.

According to security vendor Sophos, which monitors spam and phishing e-mails to catch new blasts and determine trends, the number of messages pretending to be from eBay or its payment subsidiary PayPal has dropped from 85 % of all phishing e-mails a year ago to 21% in September.

“That's an impressive turnaround by anyone's standards," said Graham Cluley, senior technology consultant at Sophos, in a prepared statement.

Cluley attributes this drop in part to online initiatives by eBay and PayPal to educate their customers about phishing scams, and to PayPal’s launch earlier this year of an authentication keyfob that creates a dynamic password for customers concerned with fraud.

Sophos says the amount of phishing attacks circulating have stayed relatively consistent over the past year, but now phishers are using different tactics to try and fool recipients. Phishers are beginning to diversify by spoofing small credit unions, other online retailers, and overseas companies, he says.

Learn more about this topic

Phishers won’t stop as long as users continue to click

10/09/07

Antiphishing education requires real-world techniques

10/08/07

Can you spot a phish? Play Carnegie Mellon’s game and see

09/25/07

PayPal claims gains against phishers

09/20/07

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies