Ease is the main reason why users are going online for their purchases, especially during the holiday season. While convenient, online shopping poses risks to users’ login credentials and personally identifiable information (PII), as cybercriminals can easily craft phishing attacks that lead to data theft.
Using Trend Micro Smart Protection Network™ and other proprietary tools, we identified the top created phishing sites for December 2012. Below is a graph of created spoofed sites limited to 50 popular brand names.
Based from the information we’ve gathered, the e-commerce site PayPal was the most targeted institution, with 18,947 spoofed sites under its belt, followed closely by the American bank Wells Fargo. Users who are tricked into visiting spoofed PayPal sites may lead to their systems being infected by TROJ_QHOST.EQ. So far, the malware has infected systems from Taiwan, Thailand and the United States (US). As you can see below, the top 10 most spoofed sites are composed of either banks or well-known credit card companies.
|Company name/websites||Number of created phishing websites|
|Bank of America||1477|