Posing as a lucky draw scam, a PayPal scam gave users a chance of winning money through their PayPal account by posting a link that required login credentials to verify their account. There were no listed prizes, but the tweet posted by @PayPalChristm included pictures of a car and an iPhone. Hints that led to the assumption of a scam included PayPal being spelled as “PayPall,” the pictures on the tweet were not a part of PayPal’s branding, and the page that users were redirected to did not include HTTPS nor a URL, although it looked like a real PayPal site. A journalist inputted fake login information which was sent to a page separate from the original link. Once the site was reached, it asked for confirmation of debit and credit card holders’ names and numbers along with the additional information necessary to access the account. It is clear that PayPal accounts are not the only target of the scam, but financial information was being targeted as well.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is