When it comes to deploying phishing sites designed to trick mobile users, the great majority of cyber criminals opts for targeting those who engage in e-banking and e-commerce via their mobile devices.
In the past year, 75 percent of mobile phishing URLs were rogue versions of well-known banking or financial sites, warns Trend Micro, while only 4 percent were designed to trick online shoppers and 2 percent to target users of social networks.
The most targeted are PayPal users, followed by customers of several financial institutions: Absa Internet Banking, Popular en linea, Mijn ICS, Barclays and Wells Fargo. eBay credentials are also desirable, as well as those of for Bank of America, Societe Francaise du Radiotelephonie, KBC Bank NV and Match.Com (popular online dating site).
“This trend in launching phishing attacks on mobile devices can be attributed to certain limitations of the platform itself. This includes the small screen size in most mobile devices, which prevents users from fully inspecting websites for any anti-phishing security element,” points out Trend Micro’s Gelo Abendan. “With majority of mobile devices using default browsers, it is also easier for cybercriminals to create schemes as they need only focus on one browser instead of many.”
And while all these mobile phishing sites represent less than 1 percent of all the phishing URLs spotted by the company during 2012, mobile users should not discard the threat, but be as careful as when using their computers and avoid clicking on links contained in unsolicited emails.