Cybercriminals Creating Nearly 60,000 Fake Websites to Trick and Infect Users Each Week, Reports PandaLabs
- Three-month investigation shows eBay and Western Union together account for nearly half of all malicious sites exploiting brands
- Targeted brands strongly correlate with financial transactions and companies storing sensitive consumer data
ORLANDO, Fla., September 9, 2010—PandaLabs, Panda Security’s anti-malware laboratory, has discovered that hackers are creating 57,000 new websites each week that exploit approximately 375 high-profile brand names worldwide at any time. These findings are based on a three-month long study conducted by PandaLabs of its global malware database. Notably, eBay and Western Union-related URLs comprise 44 percent of all malicious sites, with Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals.
The 10 most beleaguered brands, along with the percentage they are targeted among all fake websites tracked by PandaLabs, are as follows:
- eBay – 23.21 percent
- Western Union – 21.15 percent
- Visa – 9.51 percent
- United Services Automobile Association – 6.85 percent
- HSBC – 5.98 percent
- Amazon – 2.42 percent
- Bank of America – 2.29 percent
- PayPal – 1.77 percent
- Internal Revenue Service – 1.69 percent
- Bendigo Bank – 1.38 percent
In the investigation, PandaLabs found that banks by far comprise the majority of fake websites with 65 percent of the total. Online stores and auction sites are also popular at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today. Other financial institutions, such as investment funds and stockbrokers, and government organizations encompass 2.3 percent and 1.9 percent, respectively. Payment platforms, led by Paypal, and ISPs are in fifth and sixth place.
To download a graphical representation of the types of most targeted companies, visit http://farm5.static.flickr.com/4093/4972040633_9cfd8f74cc_z_d.jpg.
How it Works
Cybercriminals create fake websites related to well-known brands and organizations so that the URLs appear in phishing campaigns and in search results. When unwary users click on them thinking they are the real company, their computers will either be infected or they will be directed to a landing page that appears legitimate. When they enter personal information on these malicious pages, that data will fall into the hands of criminals, who will then use it to commit financial fraud and other crimes.
According to Luis Corrons, technical director of PandaLabs, “The problem is that when you visit a website through e-mail or search engines, it can be difficult for users to know whether it is genuine or not. Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an e-mail. Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day.”
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4 percent of malware detected by PandaLabs is analyzed through this system of Collective Intelligence. This is complemented through the effort of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com.