eBay, Western Union Top List Of Brands Most Used By Hackers
Cybercriminals are creating approximately 57,000 new websites every week, often using established brand names in order to dupe computer users into downloading viruses or disclosing private information such as banking accounts or social security numbers.
Those findings are the result of a new, three-month long study by PandaLabs, the anti-malware research department of Panda Security. The PandaLabs researchers, who announced their findings on Thursday, report that the hackers "exploit approximately 375 high-profile brand names worldwide at any time."
In a press release dated September 9, PandaLabs revealed the 10 brands most frequently utilized by cybercriminals, as well as the percentage of all fake websites they represent. Topping the list was popular online auction site eBay with 23.21-percent, followed closely by financial services firm Western Union at 21.15-percent.
Visa was third with 9.51-percent, followed by the United Services Automobile Association (6.85-percent) and HSBC (5.98-percent). Amazon.com, the Bank of America, Paypal, the Internal Revenue Service (IRS), and Bendigo Bank round out the top ten.
"In the investigation, PandaLabs found that banks by far comprise the majority of fake websites with 65 percent of the total," the security firm reported on their website. "Online stores and auction sites are also popular at 27 percent”¦ [and] other financial institutions, such as investment funds and stockbrokers, and government organizations encompass 2.3 percent and 1.9 percent, respectively. Payment platforms, led by Paypal, and ISPs are in fifth and sixth place."
According to PandaLabs, the hackers use easily recognizable and well-respected brands so that the fake websites they create will appear in search results and phishing campaigns. If users click on them, they could either download malicious software that will infect their computer, or be fooled into giving away important information associated with their accounts at the respective brands.
"The problem is that when you visit a website through e-mail or search engines, it can be difficult for users to know whether it is genuine or not," Luis Corrons, technical director of PandaLabs, said in the company’s press release.
"Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an e-mail," he added. "Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day."
—
On the Net: