Phishers No More Targeting PayPal & eBay Users

There has been a "dramatic decline" in the number of phishing e-mails to PayPal customers as well as customers of its parent organization eBay, according to security experts.

Monitoring activities by Sophos Labs revealed that phishing e-mails posing to be from the two companies during September this year (2007) was only 21% compared to one year back when it was 85%. Help Net Security published this news on October 16, 2007.

Phishing e-mails are crafted to direct recipients to visit a fake Website that appears genuine but actually steals their login information like usernames and passwords. The fraudsters then use the stolen information to commit identity theft.

In addition to the decline in the proportion of phishing e-mails targeted at users of PayPal and eBay, Sophos experts have found cyber criminals are now attacking users of online companies of a much wider range with the similar purpose of pilfering financial information to steal their money. Such illegal businesses involve the exploitation of Credit Card unions, Internet retailers, and companies located in other geographic areas.

During September 2006, nearly 90% of phishing e-mails were targeted at unwary PayPal/eBay customers to steal their information, which has now come down by half the percent. That is indeed an impressive improvement, said Graham Cluley, the Senior Technology Consultant for Sophos. Smartofficenews published this news on October 17, 2007.

Graham Cluley also said that eBay and PayPal customers now have lower chances of falling victim to online fraudsters, since the companies stepped up in spreading knowledge amongst their members about what they should hunt for and how to protect themselves.

Along with this, in 2007, PayPal introduced a tool for authentication whereby customers, who wanted to bring down their probability of suffering a phishing attack, could create a unique password.

EBay and PayPal are Internet predators' two big preys - but hackers are finding difficulty in stealing information from the companies' users due to increased awareness amongst the customers, and a verification technology that the companies introduced to determine the legitimacy of an e-mail message. This is heartening, but online users should not be complacent and stop their fight against phishing, as hackers still target a rage of organizations in a bid to earn easy money, Graham Cluley concluded.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 11/2/2007