Paypal and Phishing : Paypal CISO’s Dream vs. Reality

I received from the CompTIA Smartbrief newsletter a notification about an interesting article: PayPal security guru: No one is safe from threats

This is the article PayPal security chief on Epsilon breach and more written by Elinor Mills of Cnet.

I agree with most of the comments of Mr. Barret until this one:

Q: Is phishing still the bane of PayPal and its customers?

Barrett: I joined PayPal almost exactly five years ago and it’s fair to say the company had not realized at that point the true significance of phishing. But since that time we’ve put in place a number of defenses against it. It probably will never go away completely as a problem, but it can be substantially minimized.

We’re at No. 8 on a list of most phished sites, which is better than being No. 1.

I’m not satisfied with being No. 8 and I’d really like to obliterate the crime completely, but I realize that will take another five years to get to that state.

Mr. Barret, please wake up….
You’re dreaming, and in this dream, Paypal is actually no longer no. 1 in the top of the most phished brands.
In my top in the cruel world, Paypal takes and holds the lead with over 40% of the phishing attacks and the rest of the brands are somewhere at 10% and below that.

Please read the statistics which Avira and other vendors are producing.
Even they are not identical, you will see that PayPal is always in top 3 if not even the first one.

© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check for seeing the consulting services we offer.

Visit for latest security news in English
Besuchen Sie für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: