Global Threat Statistics for the week of March 22, 2019

PayPal Phishing Casts a Wide Net

One of the most successful phishing methods is to co-opt a well-respected brand. PayPal topped the list by a wide margin in a recent analysis of over 100 million endpoints by Comodo Threat Intelligence Lab. PayPal was impersonated in 39% of all such attacks, with Microsoft a distant second at 20%.

Sharing this information is important so that your users know to be more vigilant if they get an email or alert, supposedly from PayPal, Microsoft, or the others in this chart. Some of these phishing websites look quite authentic and may fool even security-minded users. This type of information is a great addition to your security awareness program.

Top Brands co-opted for phishing websites

The scale at which these attacks are being deployed is evident in the number of web pages using this type of attack. This analysis discovered 61,767 web pages impersonating these brands for the purpose of phishing. Just over half were taken down by the time this article was written. That still leaves almost 30,000 malicious web pages to lure your users.

6 characteristics that make brands good targets for phishing impersonation

1. Registered user accounts

Brands that have hundreds of thousands of registered user accounts are an inviting target for cybercriminals. Consider, for example, PayPal with 267 million registered user accounts. If an attacker can send phishing emails to 1% of them, that’s 2.67 million chances that a user will click on a link that brings that user to their malicious website. If just 1% of those users click that link, they get 26,700 accounts that they have compromised.

2. Trusted brand

When dealing with a trusted brand, people tend to let their guard down. If a phishing website impersonates a trusted brand well enough, that lower level of user vigilance increases the chances of a successful attack.

3. Access to money

In most cases, this is the ultimate goal. There are other motivations such as hacktivism or cyber warfare.


Mais do que uma solução tecnológica, somos uma decisão estratégica para as organizações.

Nossa missão é redefinir a relação das empresas com a cibersegurança e a experiência dos usuários no processo de autenticação e acesso a ativos tecnológicos.