Fake emails from Paypal are used to steal users’ loggin information

It seems that Christmas season has affected almost everyone. However, you should be aware that scammers always try to use this affection for their malicious purposes. One of this year’s phishing schemes pretends to be a letter from PayPal. It has been noticed in Australia, but all users of this huge payment service should be aware about it because everyone may become a target.

The fake letter from PayPal reports about a small payment, like $79 for an eBay advertising service or $56 for a movie from Amazon. It claims something like ‘You sent a payment of $79.3 AUD to eBay International AG…’. Of course, user knows that he hasn’t spend the money on it, so he will definitely try to dispute this payment. Normally, we all use PayPal’s online dispute resolution. However, scammers have put some work to make victims forget about this service – fake letter from Paypal includes a link, which says ‘Press here to cancel this payment’.

The reason why scammers have created all this trickery is really simple – they try to get PayPal’s loggin information from users. Once you click on such link, you are redirected to a page, which looks like a genuine Paypal’s website. However, you need only to pay attention to the address and you will see that you are on a forged website (the fake PayPal’s site doesn’t use https). Stay away from this lookalike impostor and remember few things:

  • Avoid clicking on login and similar links sent to your email;
  • Never enter a passwords and other loggin information on a suspiciously-looking website

Source: nakedsecurity.sophos.com



  • Suze

    I recieved a PayPal email that said my account was being audited because of an address change, and they needed a photocopy of my driver’s license or passport, a copy of my social security card and something else. I logged into my account, separate from the email and saw that there was indeed a warning on my account. I called the company and told them that they would never get those documents from me – that it was tantamount to stealing my identity. They said they would check into it. They sent an email a couple of days later to say that the requirement had been lifted from my account which was back in good standing.

    I wonder if there is a rogue element inside PayPal that is collecting personal data for phishing purposes. Weird!

    The email came grouped with the notifications of my address change and telephone number change, so it looked legitimate. PayPal should clean house and see if they have employees acting beyond the corporate structure to steal identities.

Like us on Facebook
news
Ask us
Parasites
Files