Fake Red Cross emails link to private PayPal account
Posted on 02 July 2012.
A rather generic but well-crafted fake American Red Cross email has recently been hitting inboxes around the world and asking recipients for donations:


As the offered link can be seen leading to a legitimate PayPal account, users might feel safe following it.

Still, the account in question seemingly does not belong to the American Red Cross, but to the owner of the thomasmarch171@gmail.com email address and account.

"Other than a short user-supplied bit of text, there is no indication that Thomas March has any connection with the American Red Cross," Barracuda Labs' researchers point out. "While paypal.com is a well known legitimate website, that means nothing when it comes to the destination of monies transferred."

Even though this particular email doesn't dupe users into sharing personal and financial information, we can safely assume that a donation made here will never reach the Red Cross.

In fact, the organization has its own dedicated, HTTPS protected web forms for donations, and this is the only webpage through which online donations should be processed.

"This underscores one of our primary pieces of advice when it comes to email security," say the researchers. "Never follow links in email. The risk that the link is spoofed is just too great."






Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //