Experts Warn of PayPal Phishing Flood

According to news in softpedia PayPal phishing scams are not uncommon. However, every once in a while experts notice a “flood.” The emails identified by Malwarebytes experts inform recipients of unusual activity in their accounts.

“Recently, there’s been activity in your PayPal account that seems unusual compared to your normal account activities. Please log in to PayPal to confirm your identity and update your password and security questions,” the emails read.

“To help protect your account, no one can send money or withdraw money. In addition, no one can close your account, send refunds, remove any bank accounts, or remove credit cards.”

The messages contain a link that points to a PayPal phishing website (see screenshot). The cybercriminals tell victims that they have to wait 72 hours before they get a response. This gives them enough time compromise accounts.

The phishing pages are hosted on a large number of domains, and over 500 IP addresses are associated with this particular attack.

PayPal customers are also targeted with fake “You’ve Received New Funds!” emails that purport to come from the payment processor. According to Webroot, these notifications carry a piece of malwaremore precisely, a variant of the notorious ZeuS banking Trojan.

Related posts

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars

Latest Octo Malware Variant Mimics Popular Apps Like NordVPN, Chrome