14 DAY TRIAL // According to German security vendor Avira, PayPal was the target of over 50% of phishing attacks throughout February. Despite a significant decline over January being observed, PayPal remains the most heavily phished brand.
Avira's phishing statistics for February reveal that 52.92% of the total number of unique phishing URLs registered last month masqueraded PayPal-related services. This represents a deviation of 31.03% over January, when the company accounted for 61.89% of such links.
The top five for February is completed by eBay (9.93%), Facebook (7.37%), HSBC Bank (6.33%) and the Internal Revenue Service (6.22%). "The big ‘winner’ is, however, Ebay, which started to be used again in phishing attacks. Remember that in January it was the biggest ‘loser’ and now it gained about 26% landing on the second place," Sorin Mustaca, Avira's manager of international software development, notes.
The most significant increase in attacks over January was registered by brands like Visa (68.50%), due to the Winter Olympics, Facebook (59.54%), due to new activity from the Koobface worm, and the IRS (41.91%), caused by tax-evasion scams. These finds are partially consistent with stats released by phishing monitoring outfit PhishTank, which ranks PayPal, IRS, Facebook, HSBC and Bank of America as the top five targeted brands for last month.
Despite attacks against PayPal being on the decline for the past two months, the brand remains the most heavily phished one after seeing a huge spike during December. According to an August 2009 report from Kaspersky Lab, PayPal and its parent company, eBay, were targeted in more than 60% of phishing emails. However, the antivirus vendor applauded their significant efforts to educate users again such threats.
But, according to Avira, PayPal did not weigh much in this equation, noting that, for most of last year, the most attacked brands were eBay and Chase Bank, with Chase exhibiting a slight advantage. That was until December, when the holiday online shopping fever led to a sudden surge of phishing schemes targeting PayPal and earning it the title of the most phished brand of 2009.