JPMorgan Chase & Co. (NYSE:JPM) and Wells Fargo & Co (NYSE:WFC) are among the companies that are most-often targeted by phishing attacks, according to the first-quarter McAfee Threats report.

JPMorgan and Wells Fargo

Phishing By The Numbers

The report says that during the first three months of the year, approximately 80 percent of all phishing attacks were done against companies in the U.S. The next closest country is the U.K. with 5 percent of all phishing attacks.

Finance, government, shopping, online auctions and multiplayer gaming sites were those most often targeted by phishers. JPMorgan Chase & Co. (NYSE:JPM) and Wells Fargo & Co. (NYSE:WFC) were among the top companies targeted by phishing scams. They were joined by, Inc. (NASDAQ:AMZN), Blizzard Entertainment, eBay Inc (NASDAQ:EBAY) and the Internal Revenue Service.

Recent Cyber-Attacks On JPMorgan, Wells Fargo

JPMorgan Chase & Co. (NYSE:JPM) and Wells Fargo & Co (NYSE:WFC) have both been targeted recently by cyber-attacks from a hacker group that’s said to be in the Middle East. Wells Fargo was hit as recently as March of this year, and JPMorgan Chase & Co. (NYSE:JPM) was hit not long before Wells Fargo & Co (NYSE:WFC).

These massive attacks against U.S. financial institutions have taken the form of denial of service attacks, which are different than phishing schemes because they basically prevent users from being able to access their websites. The hacker group Izz ad-Din al-Qassam Cyber Fighters has taken responsibility for them. The group demands that a video it finds to be offensive be removed from YouTube.

Facebook Targeted In Phishing Scheme

Facebook Inc (NASDAQ:FB) was also targeted in a phishing scheme in March. The scheme involved a message that appeared to come from Facebook CEO Mark Zuckerberg—except that it misspelled his name. Facebook users who did not look closely enough overlooked the misspelling. The message also claimed that the recipient’s account might be permanently suspended and suggested that if it’s believed to be a mistake, the recipient should click on the link in the message. Of course that link collects the user’s login information.

It’s never advised to click in a link in a message if you’re not sure about the sender or whether the person actually sent you the link, even if it looks like the message is from someone you know.