Fake "confirm PayPal account" emails lead to phishing
Posted on 27 June 2012.
An extremely legitimate looking email supposedly coming from PayPal has been hitting inboxes in the last few days, trying to trick customers of the popular e-payment giant to follow a link embedded in it, Webroot warns.

"Dear PayPal Costumer, It has come to our attention that your PayPal account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website," it says in the email.

"If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records before June 12, 2012. Once you have updated your account records, your PayPal account activity will not be interrupted and will continue as normal."

The offered link takes those users to a faithfully reproduced PayPal phishing site:


And while the URL of the site (hxxp://lejesepofol.altervista.org/plaoyap/plaoyap/index.htm) might warn some users about its true nature, there are still too many who won't be bothered with checking it before entering their PayPal login credentials.

Needless to say, when they do, the information is going straight in the hands of the criminals behind the scheme.






Spotlight

How GitHub is redefining software development

Posted on 26 January 2015.  |  The security industry is slowly realizing what the developer community knew for years - collaboration is the key to and likely the future of innovation.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Jan 29th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //