eBay and Paypal: Top Phishing Targets of 2005
eBay and Paypal are the top phishing targets of 2005, says Netcraft. They make up 62% of all phishing URLs submitted to Netcraft.
More than 13,000 of these phishing sites used URLs that included “paypal” or “eBay” as a subdirectory or file name. The domains included misspellings, substituted numbers for letters, or used hyphenated phrases or third-level domains, e.g. paypal.mysite.com.
Many of the URLs submitted were spoofs submitted from free sites and cracked computers, through a botnet. The spoof sites bore identical structures and file titles.
Almost 4,700 of these phishing URLs contained the string “webscr”, copied from the name of Paypal’s CGI script. Other URLs included “ebayISAPI”, which also appears in genuine eBay searches.
“eBay and Paypal have more than 68 million active users between them, all of whom use e-mail, meaning bulk phishing e-mails will get a higher percentage of “hits” (recipients with accounts at the targeted institution) for eBay properties than other potential financial targets.” [Source]
Netcraft analyzed 41,047 URLs and saw the following trends:
a) 13,716 phishing URLs were hosted on raw IP addresses.
b) 8,785 phishing URLs contained ‘%’ (a hidden directory on the web server).
c) 2,104 specified a different port number (other than port 80).
d) 8 used cross-site scripting.
e) 6 were hosted on FTP servers.
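The traits above can be checked mechanically when triaging reported URLs. The following is an added example, not Netcraft's code: the trait names, the brand and genuine-domain lists, the default-port table and the sample URLs are assumptions constructed for illustration, and a match is a heuristic signal rather than proof of phishing.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed for this example: brand list, genuine domains, default ports.
BRANDS = ("paypal", "ebay")
OFFICIAL = ("paypal.com", "ebay.com")
SCRIPTS = ("webscr", "ebayisapi")        # script names cited in the article
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}
LOOKALIKE = str.maketrans("01", "ol")    # digit-for-letter substitution

def is_official(host):
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def url_traits(url):
    """Return the traits from the article's list that this URL exhibits."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    rest = (parts.path + "?" + parts.query).lower()
    traits = set()
    try:
        ipaddress.ip_address(host)
        traits.add("raw_ip_host")
    except ValueError:
        pass                             # host is a name, not an IP literal
    if parts.scheme == "ftp":
        traits.add("ftp_host")
    if parts.port not in (None, DEFAULT_PORTS.get(parts.scheme)):
        traits.add("nonstandard_port")
    if "%" in rest:
        traits.add("percent_in_url")
    if not is_official(host):
        # Undo hyphenation and digit substitution before matching brand names.
        squashed = host.translate(LOOKALIKE).replace("-", "")
        if any(b in squashed for b in BRANDS):
            traits.add("brand_in_hostname")
        if any(b in rest for b in BRANDS):
            traits.add("brand_in_path")
        if any(s in rest for s in SCRIPTS):
            traits.add("copied_script_name")
    return traits

# Constructed sample URLs (documentation addresses and example domains).
SAMPLES = [
    "http://203.0.113.7/paypal/webscr.php",
    "http://paypal.mysite.com:8080/login",
    "https://www.paypal.com/cgi-bin/webscr?cmd=_login",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(sorted(url_traits(u)), u)
```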