New PayPal Scam Seen in the Wild - Binary Defense

Threat Watch

Share on facebook
Share on twitter
Share on linkedin

New PayPal Scam Seen in the Wild

Recent observations by researchers have revealed a new PayPal phishing email scam that attempts to obtain data, including Social Security numbers (SSN). Potential victims receive an email that states their account has been locked. Within the email is a bit.ly link that will redirect the recipient to a phishing site. The phishing site starts by asking for PayPal credentials, but then it moves on to asking for more personal information including birthdate, SSN, and card pin. It did not stop there; some victims were asked to provide photos of their ID or credit cards. Security researcher Jan Kopriva reported the issue to PayPal, but it may take them a while to get the phishing site taken down. This news comes not even two months after a separate PayPal scam that used a valid SSL certificate to steal banking information.

ANALYST NOTES

It is advised that whenever an email message is received that contains a link to a website, it should be treated with suspicion, especially if it seems to have been sent from a financial service such as PayPal or a bank. If the website is visited, users should attempt to verify its legitimacy before any important credentials are input. In this case, users could note that the bit.ly link redirected to a website that is not hosted at the paypal.com domain or reach out to PayPal directly and ask them to verify the legitimacy of the site. It is much safer to go directly to the service’s website using the known and trusted domain name to log in, rather than following a link from an email message. Indications of Compromise: https://bit[.]ly/2SwO61R https://nadhirotultaqwa[.]com/usrah/redirect.php https://www.leemou[.]com/files/selector/ Source: https://www.tripwire.com/state-of-security/security-data-protection/new-paypal-phishing-email-scam-wants-your-social-security-number/

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch
Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller
Contact Support

Industries

Resources

About

Contact Us
Contact Support

Contact Support

Please complete the form below and a member of our support team will respond as quickly as possible.