Watch out - that PayPal email could be a phishing attack

(Image credit: Shutterstock / Patdanai)

PayPal is the world’s most popular payment system - for threat actors trying to trick people into giving away their login credentials, new research has claimed.

Analyzing phishing campaigns taking place throughout 2021, Atlas VPN researchers found that almost two in five (37.8%) of all financial phishing attacks impersonated PayPal.

The premise is simple - the threat actors will set up a landing page that looks almost identical to the PayPal login page, and will create an email that mimics the looks and the feels of a newsletter, notification email, or warning from the company.

Amazon and Apple in the crosshairs

That email will always hold a link, inviting the victim to log in with their endpoints and sort out whatever troubles await. That link, however, instead of driving the victim towards the actual PayPal login page, will lead them into the fake landing page where, if they’re gullible, they’ll give away their passwords to the attackers.

Besides PayPal, cybercriminals also love impersonating Mastercard. As the second most-abused financial payment brand, Mastercard was impersonated in 12.2% of phishing instances. The goal, in these attacks, is to obtain credit card information.

With a 10% market share, American Express took the third spot.

> What is phishing and how dangerous is it?

> Phishing attacks hit more businesses than ever last year

> LinkedIn is becoming a paradise for phishing attacks

“To avoid getting tricked by a phishing attack targeting payment systems, users should keep in mind several things,” says Atlas VPN cybersecurity writer Vilius Kardelis.

“Websites impersonating popular brands will always have suspicious domain links, which can help to recognize whether the page is legit easily. Also, emails from scammers might contain grammatical errors, so keep an eye out for that.”

Payment services aside, threat actors also love to impersonate ecommerce brands, with Apple and Amazon being the most abused brands. Almost half of all phishing attacks that used an ecommerce brand (48.78%) chose Apple, while Amazon was used in 21.48% of cases.

With 5.32% of the market share, eBay takes the third spot, followed by Alibaba with 4.14%.

Here's our rundown of the best malware removal software right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.