PayPal and eBay top phishing hit-list

PayPal and eBay top phishing hit-list


Web giants' popularity encourages fraudsters, says Sophos

Users of eBay and PayPal are the target of more than 75 per cent of all phishing emails, IT security experts have found.

The emails typically point recipients to bogus websites that look like the real PayPal or eBay, but which are designed to steal user names and passwords.

Researchers at security firm Sophos scanned all phishing email messages received so far during 2006.

The results indicated that 54.3 per cent were attempting to steal information from PayPal users, while 20.9 per cent were aimed at eBay users.

Both companies are members of the Anti-Phishing Working Group, an organisation dedicated to wiping out internet scams and fraud, and have published tutorials on how to spot phishing emails.

However, it seems that both sites are victims of their own popularity. " Phishers focus so much on PayPal and eBay because [these sites] are so popular around the world," said Graham Cluley, senior technology consultant at Sophos.

"Bank customers also suffer from phishing attacks, but they tend to be less likely to have the global reach of these net giants.

"PayPal and eBay have worked hard to educate and protect their customers from these kind of attacks, but the best solution is for computer users to be more savvy about securing their identity in the first place, and think before they click."