The 2017 NCAA basketball tourney has already had its share of upsets helping winnow the field down to the Elite 8 this weekend, but in another, albeit not quite so well-known competition, an unexpected winner emerged as PayPal unseated Apple as reigning champion in Area 1's Second Annual March Hackness 2017 tournament.

Since March Hackness is not yet covered by the major TV networks a little explanation may be in order. For the second year Area 1 has put together a bracket containing the 64 brands most often used as phishing bait. The companies are organized just like the NCAA bracket with number one seeds from four regions and like the college playoff contains a range of competitors, ranging from the household names like Apple, Yahoo and Facebook to the Middle Tennessee's of the corporate world – Itau Unibanco S.A. and Poste Italiane.

The companies included were referenced in almost 80 percent of the phishing attacks tracked by Area 1. This is up from 70 percent in 2016, an indication that cybercriminals are realizing the benefit of using a well-known brand. U.S. companies comprised 48.5 percent of the list and financial service companies were by far the names most used with 32 of these firms in the bracket.

Click on the image below to see a full size version of the bracket.

Now back to the action.

On its way to the championship round Paypal had to beat out several powerhouses whose names are frequently found in phishing scams. After trouncing Barclays Bank the online payment system went on to dunk Microsoft, eBay and Yahoo – which had made it to the 2016 finals where it lost to Apple.

In 2017 Apple again found itself on the losing side of the content, but not after giving a great showing by taking out AOL, CIBC Bank, Facebook and finally Wells Fargo. Wells Fargo you may remember hit it big in cybersecurity circles in 2016 when it was revealed its employees were using the company database to create fake loans and credit cards for customer so they could meet their sales goals with the end result being the resignation of its CEO John Stumpf and 5,300 people being fired.

Area 1's Shalabh Mohan, the bracket's creator, said the 2017 content contained several upsets.

“Top seeds — Yahoo, LinkedIn, and the U.S. Government to name a few — all with world class cyber defense, were defeated by teams you'd never even heard of,” he said, adding that in all seriousness the bracket helps show the seriousness of phishing noting these scams are still the preferred method of entry for a cybercriminal and that 95 percent of all breaches begin with a phishing attack.

Area 1's bracket is also a good starting point to mention some of the other scams cybercriminals are hatching using the NCAA tourney. SC's Brad Barth covers a few of these in depth here.