Study: Cybercriminals Creating 57,000 New Websites Per Week To Exploit High-Profile Brand Names
PandaLabs, Panda Security's anti-malware laboratory, has discovered that hackers are creating 57,000 new websites each week that exploit approximately 375 high-profile brand names worldwide at any time. These findings are based on a three-month long study conducted by PandaLabs of its global malware database. Notably, eBay and Western Union-related URLs comprise 44 percent of all malicious sites, with Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals.
The 10 most beleaguered brands, along with the percentage they are targeted among all fake websites tracked by PandaLabs, are as follows:
1. eBay -- 23.21 percent
2. Western Union -- 21.15 percent
3. Visa -- 9.51 percent
4. United Services Automobile Association -- 6.85 percent
5. HSBC -- 5.98 percent
6. Amazon -- 2.42 percent
7. Bank of America -- 2.29 percent
8. PayPal -- 1.77 percent
9. Internal Revenue Service -- 1.69 percent
10. Bendigo Bank -- 1.38 percent
In the investigation, PandaLabs found that banks by far comprise the majority of fake websites with 65 percent of the total. Online stores and auction sites are also popular at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today. Other financial institutions, such as investment funds and stockbrokers, and government organizations encompass 2.3 percent and 1.9 percent, respectively. Payment platforms, led by PayPal, and ISPs are in fifth and sixth place.
Cybercriminals create fake websites related to well-known brands and organizations so that the URLs appear in phishing campaigns and in search results. When unwary users click on them thinking they are the real company, their computers will either be infected or they will be directed to a landing page that appears legitimate. When they enter personal information on these malicious pages, that data will fall into the hands of criminals, who will then use it to commit financial fraud and other crimes.
According to Luis Corrons, technical director of PandaLabs, "The problem is that when you visit a website through e-mail or search engines, it can be difficult for users to know whether it is genuine or not. Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an e-mail. Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day."