A Tricky PayPal Phishing Scam That Comes From Official PayPal Email

Haythem Elmir

Nothing is surprising about a PayPal phishing scam but what might raise some eyebrows is the fact that these scams are becoming sophisticated day by day. Usually, phishing scams look for users’ login credentials but recently, HackRead.com discovered a scam that aims at stealing everything from a PayPal users, and that includes their PayPal login credentials, address, credit card, banking data, passport, identity card and driver license.

It starts with an email that informs users about a change in their “Billing Information,” and directs that in case they didn’t make the supposed change they need to click on a link hidden behind a URL shortener to verify that it’s not them. “If you did not make these changes or you believe an unauthorized person has accessed your account, you should change your password as soon as possible from your PayPal ID account page,” says the email.

A Tricky PayPal Phishing Scam that Comes from Official PayPal Email

The subject of this phishing email is “re: [ Statement Update ] reminders: Your PayPal ID information” which means the sender is trying to trick the users into believing that the email is part of PayPal resolution center and deals with an ongoing matter.
The email comes to user inbox rather than going to spam folder while another important fact about this scam is that the email is being delivered by service@intl.paypal.com address, which is a genuine email address officially used by PayPal to contact users. For instance, the screenshot below is an official PayPal email sent to a user to confirm their account’s email address.


A Tricky PayPal Phishing Scam that Comes from Official PayPal Email

Therefore, it is unclear how cybercriminals are using an official PayPal email address to carry phishing scams. However, the same email is being used for scams since 2010. It could be that scammers are using fake senders, but usually, an email sent from a fake email sender goes straight into spam folder rather than the inbox.

To read the original article:



Laisser un commentaire

Next Post

Websites use your CPU to mine cryptocurrency even if you close them

The trend of generating cryptocurrency is increasing, thanks to the growing popularity and rise in the value of the Bitcoin. Some use cryptocurrency mining software while some embed mining codes on their website and take advantage of visitors’ CPU time whenever they visit the site. The Pirate Bay and CBS’s ShowTimes websites were some […]