• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich

3

Trump embraces Australian retirement system backed by Larry Fink

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich

3

Trump embraces Australian retirement system backed by Larry Fink
Techphishing

Why PayPal and American Express may be the next hot targets for low-level hackers

By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
January 21, 2020, 5:30 PM ET
Add Fortune on Google for similar content.

Hackers are going after PayPal and American Express usernames and passwords using a phishing scheme that has previously targeted Amazon and Apple, according to research released Tuesday by security company ZeroFOX.

An operation on the dark web called 16Shop started selling phishing kits that target PayPal and American Express customers this month, ZeroFOX says. The digital tackle boxes, which cost less than $100, include everything a low level hacker would need to launch a phishing attack against customers of both companies.

“Phishing kits work very similarly to a marketing platform for sending and tracking email,” says Zack Allen, director of threat operations at ZeroFOX. The software marketers use—legally—helps to automate the process of sending email on behalf of the companies by tracking clicks, controling messaging, shaping content based on your geographic location or Internet browsers, and scheduling marketing campaigns.

The PayPal phishing kit, obtained by ZeroFOX, came with the option of buying additional features, such as customer support, customized templates and automated messages.

“You purchase the software to perform the attack, and some of these kits will reduce the complexity of deploying the attack by streamlining it for the operator,” Allen said.

The phishing kits are just the latest example of how cyber crime and other nefarious tools, such as deepfake video makers, are making complex technology more accessible to the masses.

As the economy moves towards more platform-base capitalism—like buying goods or services through Facebook, Instagram, or Uber, for instance— cyber criminals will follow suit, trying to infiltrate the transactions, says Allen. “We already see this with ransomware-as-a-service and botnets for hire,” he says. “Cyber criminals are now realizing the total addressable market for phishing-as-a-service.”

The news comes as cyber attacks that exploit human weaknesses continue to rise. A 2019 cybercrime study by Accenture said cyber criminals have adapted their attack methods by targeting the human layer—typically the weakest link in cyber defense—increasingly using ransomware, phishing, and social engineering attacks as an entry point. Last year, Kaspersky Labs released a report that detailing a rise in phishing attacks in 2018. The security company found that phishing attacks had more than doubled over the previous year.

Last month, the phishing rate across industries was 1 in 10,527 emails, according to Symantec’s monthly threat report, which shows just how prevalent phishing attacks are. However, that number fluctuates—it was 1 in 5,585 the previous month.

With phishing attacks expected to be on the rise this year, Allen said it’s important to remain vigilant when opening email or messages on social networks.

One way to do that is to check the email address link before clicking. Phishing scams often come from addresses that look legitimate, but might have a simple misspelling.

“Delivery mechanisms tend to be via email or social/digital platforms, and give an enticing message or a call-to-action to get you to click a link. The fake domains may contain the brand name to help convince victims the legitimacy of the website,” said Allen. “Just know that legitimate companies will never ask you for your personal information via these channels.”

More must-read stories from Fortune:

—A.I. in China: TikTok is just the beginning
—Inside big tech’s quest for human-level A.I.
—Medicine by machine: Is A.I. the cure for the world’s ailing drug industry?
—A.I. breakthroughs in natural-language processing are big for business
—A.I. is transforming the job interview—and everything after

Catch up with
Data Sheet, Fortune’s daily digest on the business of tech.

About the Author
By Alyssa Newcomb
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Jony Ive (left), formerly with Apple and now with OpenAI, standing next to Laurene Powell Jobs, the widow of Apple founder Steve Jobs, at an event in 2022.
AIOpenAI
Stolen laptops, data breaches, secret moles, and recruiting-as-espionage. Here are the wildest claims in Apple’s lawsuit against OpenAI
By Emily ForliniJuly 13, 2026
2 hours ago
Elon Musk and Sam Altman are accusing each other of scamming investors as SpaceX and OpenAI jockey to lead AI revolution
AIBillionaires
Elon Musk and Sam Altman are accusing each other of scamming investors as SpaceX and OpenAI jockey to lead AI revolution
By Marco Quiroz-GutierrezJuly 13, 2026
2 hours ago
u
PoliticsSocial Media
Europe to social media platforms: make yourself safe for kids under 13, somehow
By Lorne Cook, Kelvin Chan and The Associated PressJuly 13, 2026
5 hours ago
Meta’s AI data center cost went from $10 billion to $50 billion in under 2 years—and split the town in two
Big TechMeta
Meta’s AI data center cost went from $10 billion to $50 billion in under 2 years—and split the town in two
By Sydney LakeJuly 13, 2026
5 hours ago
b
CommentaryWorld Cup
Columbia Business School professors: What the Balogun red card can teach us about AI and judgment
By Oded Netzer, Christopher Frank and Paul MagnoneJuly 13, 2026
6 hours ago
‘We are driving in the fog’: Hundreds of economists admit they’re flying blind on AI
Economydisruption
‘We are driving in the fog’: Hundreds of economists admit they’re flying blind on AI
By Nick LichtenbergJuly 13, 2026
8 hours ago

Most Popular

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
Innovation
The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
By Sasha RogelbergJuly 12, 2026
1 day ago
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
Big Tech
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
By Marco Quiroz-GutierrezJuly 12, 2026
1 day ago
Trump embraces Australian retirement system backed by Larry Fink
Personal Finance
Trump embraces Australian retirement system backed by Larry Fink
By Brianna Sosa and BloombergJuly 12, 2026
1 day ago
Current price of oil as of July 13, 2026
Personal Finance
Current price of oil as of July 13, 2026
By Joseph HostetlerJuly 13, 2026
12 hours ago
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
Environment
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
By Sasha RogelbergJuly 10, 2026
3 days ago
Russia’s economy is an 'illusion' built on debt, and a banking crisis is ready to explode, intel report says, while the Kremlin may seize pensions
Banking
Russia’s economy is an 'illusion' built on debt, and a banking crisis is ready to explode, intel report says, while the Kremlin may seize pensions
By Jason MaJuly 12, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.