Fake "confirm PayPal account" emails lead to phishing
Posted on 27 June 2012.
An extremely legitimate looking email supposedly coming from PayPal has been hitting inboxes in the last few days, trying to trick customers of the popular e-payment giant to follow a link embedded in it, Webroot warns.

"Dear PayPal Costumer, It has come to our attention that your PayPal account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website," it says in the email.

"If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records before June 12, 2012. Once you have updated your account records, your PayPal account activity will not be interrupted and will continue as normal."

The offered link takes those users to a faithfully reproduced PayPal phishing site:


And while the URL of the site (hxxp://lejesepofol.altervista.org/plaoyap/plaoyap/index.htm) might warn some users about its true nature, there are still too many who won't be bothered with checking it before entering their PayPal login credentials.

Needless to say, when they do, the information is going straight in the hands of the criminals behind the scheme.






Spotlight

Behavioral analysis and information security

Posted on 22 September 2014.  |  In this interview, Kevin Watkins, Chief Architect at Appthority, talks about the benefits of using behavioral analysis in information security and how behavioral analysis can influence the evolution of security technologies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //