The upward trend illustrates the move by cybercriminals from less profitable spam to attacks that generate more revenue. PayPal remains the consistent favorite due to its wide acceptance across the internet and the ease with which funds can be transferred between accounts.
During a two-week sampling taken during the first quarter of this year, CYREN researchers found the number of PayPal related phishing URLs increased from approximately 750 a day in Q4 2013 to more than 1,300 a day in Q1 2014. That increase made it the most heavily used lure at more than 18,600 phishing URLs during the two-week sample period. Other top brands used to lure email recipients were Apple, Poste Italiane, Barclays Bank, Battle.net and Sparkasse.
The first lottery scams involving the FIFA World Cup also appeared. Both of the previous World Cups in 2010 and 2006 were used for almost identical scams. CYREN partner PhishLabs observed a new wave of phishing attacks using residential IP address space and personal computers to install and host phishing sites.
Additional findings included:
- Android malware grew in complexity and included encrypted peer to peer functionality used to track user activity and steal data.
- Spam levels continued their downward trend, averaging 54 billion emails per day. The downward trend is due to several factors including the lower income per message, a reduction in affiliate revenue from spam, and the relative profitability of other attack vectors – illustrated by the increase in PayPal phishing.
- Diet spammers using the distribution of press releases to gain "legitimate" news featured on the Wall Street Journal and Reuters websites.