Mobile phishing geared towards online banking users
Posted on 22 February 2013.
When it comes to deploying phishing sites designed to trick mobile users, the great majority of cyber criminals opts for targeting those who engage in e-banking and e-commerce via their mobile devices.

In the past year, 75 percent of mobile phishing URLs were rogue versions of well-known banking or financial sites, warns Trend Micro, while only 4 percent were designed to trick online shoppers and 2 percent to target users of social networks.

The most targeted are PayPal users, followed by customers of several financial institutions: Absa Internet Banking, Popular en linea, Mijn ICS, Barclays and Wells Fargo. eBay credentials are also desirable, as well as those of for Bank of America, Societe Francaise du Radiotelephonie, KBC Bank NV and Match.Com (popular online dating site).

"This trend in launching phishing attacks on mobile devices can be attributed to certain limitations of the platform itself. This includes the small screen size in most mobile devices, which prevents users from fully inspecting websites for any anti-phishing security element," points out Trend Micro's Gelo Abendan. "With majority of mobile devices using default browsers, it is also easier for cybercriminals to create schemes as they need only focus on one browser instead of many."

And while all these mobile phishing sites represent less than 1 percent of all the phishing URLs spotted by the company during 2012, mobile users should not discard the threat, but be as careful as when using their computers and avoid clicking on links contained in unsolicited emails.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th