Recent observations by researchers have revealed a new PayPal phishing email scam that attempts to obtain data, including Social Security numbers (SSN). Potential victims receive an email that states their account has been locked. Within the email is a bit.ly link that will redirect the recipient to a phishing site. The phishing site starts by asking for PayPal credentials, but then it moves on to asking for more personal information including birthdate, SSN, and card pin. It did not stop there; some victims were asked to provide photos of their ID or credit cards. Security researcher Jan Kopriva reported the issue to PayPal, but it may take them a while to get the phishing site taken down. This news comes not even two months after a separate PayPal scam that used a valid SSL certificate to steal banking information.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is