LulzSec has been assimilated back into Anonymous, but their AntiSec campaign keeps going.
PayPal users should be on the lookout for phishing e-mails with "Please confirm your identity" in the subject line supposedly coming from the service: The download and a click on the attachment opens up a HTML file that mimics the PayPal's "My Account" page and asks the user to enter its credit card and personal information in order to "remove the limitation" regarding the ability to access the account. The e-mail itself should raise some suspicions, especially because the e-mail account from which it arrives is not one of PayPal's. But, in general, users should do well to remember that they should never follow links or download attachments from unexpected or unsolicited e-mails, but to go directly to the site in question by typing the URL in the address bar of the browser and log in there to inspect the claims from the e-mail.
Accused of having broken into 303 eBay and PayPal accounts and of stealing over £180,000 in total from the legitimate owners of the accounts, a 22-year old from Sherwood, Nottingham, has plead guilty to various charges of fraud and theft and has been sentenced to three and a half years in prison.
A recent report compiled by OpenDNS showed that 45 percent of all phishing attempts made in 2010 were targeting PayPal customers.
OpenDNS released statistics about which websites were commonly blocked — and which websites users were frequently given access to — in 2010. The report additionally details the companies online scammers targeted in 2010, as well as where the majority of phishing websites were hosted.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.