PayPal is the world’s most popular payment system – for threat actors trying to trick people into giving away their login credentials, new research has claimed.
Analyzing phishing campaigns taking place throughout 2021, Atlas VPN researchers found that almost two in five (37.8%) of all financial phishing attacks impersonated PayPal.
The premise is simple – the threat actors will set up a landing page that looks almost identical to the PayPal login page, and will create an email that mimics the looks and the feels of a newsletter, notification email, or warning from the company.
TechRadar needs you!
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
>> Click here to start the survey in a new window
Amazon and Apple in the crosshairs
That email will always hold a link, inviting the victim to log in with their endpoints and sort out whatever troubles await. That link, however, instead of driving the victim towards the actual PayPal login page, will lead them into the fake landing page where, if they’re gullible, they’ll give away their passwords to the attackers.
Besides PayPal, cybercriminals also love impersonating Mastercard. As the second most-abused financial payment brand, Mastercard was impersonated in 12.2% of phishing instances. The goal, in these attacks, is to obtain credit card information.
With a 10% market share, American Express took the third spot.
> What is phishing and how dangerous is it?
> Phishing attacks hit more businesses than ever last year
> LinkedIn is becoming a paradise for phishing attacks
“To avoid getting tricked by a phishing attack targeting payment systems, users should keep in mind several things,” says Atlas VPN cybersecurity writer Vilius Kardelis.
“Websites impersonating popular brands will always have suspicious domain links, which can help to recognize whether the page is legit easily. Also, emails from scammers might contain grammatical errors, so keep an eye out for that.”
Payment services aside, threat actors also love to impersonate ecommerce brands, with Apple and Amazon being the most abused brands. Almost half of all phishing attacks that used an ecommerce brand (48.78%) chose Apple, while Amazon was used in 21.48% of cases.
With 5.32% of the market share, eBay takes the third spot, followed by Alibaba with 4.14%.
- Here’s our rundown of the best malware removal software right now