After we published our 2010 year-end report, a number of people asked us why PayPal was targeted so frequently by online scammers — it stands out as one of the most phished brands in our report by a wide margin. In reviewing how we presented our data, it’s clear that we should have provided a few more datasets and some better explanations of where our data comes from.
One of the reasons PayPal is so prevalent as a target in PhishTank is that PayPal uses the PhishTank API to automatically submit any phish they find to PhishTank. This is a good thing — it puts data into PhishTank quickly so the community can verify the sites and PhishTank data feed subscribers can protect their users. While this highlights how frequently PayPal is targeted, it also skews the data to make it appear that PayPal, Inc. is the most phished site, simply because they are the most vigilant in submitting data to PhishTank. Obviously, this was not our intent. We’ve updated the report (PDF, Scribd) to show the most targeted brands in 2010 with the PayPal API data removed from the dataset, as nearly all other submissions come from the tens of thousands of PhishTank individual contributors.
As PhishTank continues to grow, we want to encourage other brands to follow PayPal’s lead in using the various PhishTank APIs to submit data alongside the submissions from individual users. In order to do that, we need to create an environment where brands don’t feel their participation in PhishTank is a double-edged sword. We sincerely appreciate PayPal’s participation in PhishTank, and in their fight against phishing. They should be commended for their progress in fighting phishing and keeping their users safe.
If the PayPal API-based submissions to PhishTank are removed from the dataset of phished brands, the list of most-targeted brands in 2010 shifts dramatically:
1. Facebook 8.64%
2. HSBC Group 6.73%
3. World of Warcraft 5.35%
4. Internal Revenue Service 4.87%
5. Sulake Corporation 3.21%
6. Bradesco 3.15%
7. PayPal 3.03%
8. Orkut 2.90%
9. Steam 1.95%
10. Tibia 1.72%

n=72,404
To learn more about submitting data to PhishTank via the PhishTank API, visit the PhishTank FAQ page.