A PayPal text message phishing campaign is currently underway that attempts to steal login credentials and other personal information that can be used for identity theft. When PayPal detects suspicious activity on a user’s account, the company sets the account to “limited,” which places temporary restrictions on withdrawing, sending, or receiving money. The new SMS phishing (smishing) campaign impersonates PayPal, stating that an account has been placed on “limited” status and providing a link to enter login credentials to verify the account. The message reads, “PayPal: We’ve permanently limited your account, please click the link below to verify.”

The links direct the user to a very official-looking page that immediately asks for login credentials. If they are entered, the victim is led to a second page that asks for more details, including the user’s name, date of birth, address, banking details, and more. If an unsuspecting victim enters this information, it is sent to the attacker for use in a multitude of attacks, including but not limited to credential stuffing, identity theft, and targeted spear-phishing.
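A triage check for the lure described above, as an added example that is not part of the original article: it flags an SMS that names PayPal but links to a host outside the brand's own domain. The accepted domain list, the function names and the sample messages (which use reserved `.example` hosts) are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: hosts accepted as genuinely belonging to the brand.
BRAND_DOMAINS = ("paypal.com",)
# Lure wording taken from the message quoted in the article.
LURE_RE = re.compile(r"limited your account|verify", re.I)
# Links in SMS often omit the scheme, so match both forms.
URL_RE = re.compile(r"https?://\S+|\b(?:[\w-]+\.)+[a-z]{2,}\S*", re.I)
# Constructed sample messages; the hosts are placeholders, not observed indicators.
SAMPLES = [
    "PayPal: We've permanently limited your account, please click the link below to verify. https://paypal.com.account-check.example/login",
    "PayPal: We've permanently limited your account, please click the link below to verify. paypal-limited.example/v",
    "PayPal: your code is 123456. Manage at https://www.paypal.com/myaccount",
    "Your parcel arrives today.",
]


def link_hosts(text):
    """Return the lowercase hostname of every link found in the message."""
    hosts = []
    for raw in URL_RE.findall(text):
        raw = raw.rstrip(".,;:!?)\"'")  # drop sentence punctuation after the link
        if "://" not in raw:
            raw = "http://" + raw  # urlsplit needs a scheme to find the host
        try:
            host = urlsplit(raw).hostname  # ignores any user@ prefix
        except ValueError:
            host = None
        if host:
            hosts.append(host.rstrip("."))
    return hosts


def is_brand_host(host):
    """True only for the brand domain itself or a subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def triage(text):
    """Classify one SMS as 'suspicious', 'review' or 'ok', with off-brand hosts."""
    claims_brand = "paypal" in text.lower()
    off_brand = [h for h in link_hosts(text) if not is_brand_host(h)]
    if claims_brand and off_brand:
        return ("suspicious", off_brand)  # names the brand, links elsewhere
    if claims_brand and LURE_RE.search(text):
        return ("review", off_brand)  # lure wording without an off-brand link
    return ("ok", off_brand)
```

Comparing the parsed hostname against the brand domain, rather than searching the link for the string "paypal", is what catches hosts that merely begin with or contain the brand name.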