PayPal Phishing Scam Strikes Mailboxes

Latest news
Amnesty International Website Compromised to Produce Malware Cyber-criminals’ Latest Strategy is Application-Based Malware Scam, Which Infects Twice, Spotted Microsoft Issues Security Fix to Address Trojan Duqu Enticing E-mails about Adam Yauch’s Demise Serve Malware

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
HSBC Clients Targeted with Phishing Scam BBB Cautions about Phishing E-mails Supposedly from American Express USPS Cautions Consumers about Malware Laced Scam E-mails St. George Bank Clients Alerted about Fraudulent E-mails Commtouch Cautions about Siberian Dogs Fraudulent E-mail

Trampolines usa

PayPal Phishing Scam Strikes Mailboxes

Written by Administrator

Friday, 04 March 2011 14:00

A forceful online campaign is wildly spamming e-mails making fake claims of a security alert that apparently PayPal issued, thus published Nakedsecurity in news on February 23, 2011.

Actually, since more than 200m people use PayPal, online scammers are exploiting the situation for stealing money via treating the website as their main target. A particular method they are using is that of executing phishing attacks for the account information of PayPal users.

Consequently, the users are getting a phishing e-mail captioned "Please confirm your identity" as also an attachment included. But opening this attachment produces an HTML file, which imitates PayPal's web-page named "My Account" directing the user that he must feed personal information, including his credit card details so he may no longer be restricted from accessing his PayPal account.

Astonishingly, the purpose of this assault is for getting the user to divulge his name, birth date, address and credit card information.

Lately, an individual, aged 22 and belonging to Sherwood Nottingham (UK) was charged with having infiltrated 303 PayPal and eBay accounts as well as with siphoning more than $180,000 from authentic accountholders. The invader, it's alleged, cracked many eBay account passwords from where he gained admission into the PayPal accounts of the victims. Subsequently, he wiped these accounts off their balances and moved the money into his own account that he eventually used to make purchases.

Now according to the security researchers, any recipient at the very outset should feel doubtful of the e-mail as the sender's address reveals no indication that the related account is of PayPal's e-mail. However, users overall are being reminded that they shouldn't ever download attachments or click web-links coming via unsolicited e-mails rather they should visit the site directly via manual entry of the URL into the browser's address bar as also verify everything the e-mail claims from there.

Still, if the doubt persists then the user should visit the actual PayPal site followed with the usual logging in exercise and incase there really is a security alert from PayPal, then he can find it through the messaging mechanism of the website itself.

Read full article...