Phishers move beyond eBay, PayPal
- 18 October, 2007 05:00
EBay and PayPal, once the primary lures used by phishers to trick e-mail users into giving up personal information, aren't as popular as they used to be.
According to security vendor Sophos, which monitors spam and phishing e-mails to catch new blasts and determine trends, the number of messages pretending to be from eBay or its payment subsidiary PayPal has dropped from 85 percent of all phishing e-mails a year ago to 21 percent in September.
"That's an impressive turnaround by anyone's standards," said Graham Cluley, senior technology consultant at Sophos, in a prepared statement.
Cluley attributes this drop in part to online initiatives by eBay and PayPal to educate their customers about phishing scams, and to PayPal's launch earlier this year of an authentication keyfob that creates a dynamic password for customers concerned with fraud.
Sophos says the amount of phishing attacks circulating have stayed relatively consistent over the past year, but now phishers are using different tactics to try and fool recipients. Phishers are beginning to diversify by spoofing small credit unions, other online retailers, and overseas companies, he says.