PayPal Becomes the Most Popular Phishbait



iStock-1067787434Vade Secure has found that PayPal is now the most impersonated brand in phishing attacks, surpassing Microsoft for the first time, Help Net Security reports. Vade detected 16,547 unique PayPal phishing URLs in Q3 2019, which is a 69.6% increase over the same period last year.

PayPal was followed by Microsoft, Netflix, Facebook, Bank of America, Apple, Chase, CIBC, Amazon, and DHL. Vade noted that the financial industry was the most impersonated sector for the first time, with 38% of all phishing URLs impersonating these companies.

Adrien Gendre, Chief Solution Architect at Vade Secure, said in a statement that this shift indicates that attackers are profiting off of these attacks.

“For consumers, the rise of PayPal phishing, combined with the prevalence of financial institutions in our top 25, means that cybercriminals are making a concerted effort to target your wallet,” Gendre said. “My advice is to stay vigilant and follow best practices to ensure that you and your bank account are not victimized.”

Another notable finding was that although Microsoft phishing attempts dropped by 31% in Q3 2019, attackers are increasingly using randomization techniques to bypass email security filters. For example, they’ve been observed using similar but slightly different versions of Microsoft’s logo to fool detection mechanisms that look for brand impersonation attempts. This suggests that the attackers are focusing on effectiveness rather than quantity with regard to Microsoft phishing attacks.

Attackers are always shifting their methods to stay ahead of defenders. New-school security awareness training can help your employees keep up with the constantly changing threat environment.

Help Net Security has the story: https://www.helpnetsecurity.com/2019/11/11/office-365-phishing-techniques-evolve/

 


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer

Topics: Phishing



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews