Reputation of PayPal Exploited by New Phishing Campaign, Warns Graham Cluley

"Cyber crooks are exploiting the reputation of payment processor PayPal in a new phishing email scam," warns Independent Security Analyst, Graham Cluley, as reported on 30th September, 2013.

The phishing emails with the title 'You sent a payment' addressing the recipient as "Dear customer", tells him he sent a mobile payment of 47Pounds to JD Sports Ltd. It goes on to say that a message has been further sent to the company to either accept or reject the payment. The email recipient is told to note that the aforesaid payment may take some time to feature on his list of 'Recent Activity' of his 'Account Overview', to witness the transaction details online.

Cluley after analyzing these malicious emails thoroughly, said that Internauts clicking on the links land on a phishing web site of PayPal, as published by softpedia.com on September 30, 2013.

Internauts who log into their PayPal accounts and enter their 'username' and 'password' are in actuality sending their credentials to the cybercriminals who run the scam, he added.

The phishing web page is very well-designed and perfectly mimics the original PayPal web site and hosted on a sub-domain of a Hungarian web site which an online-store selling 'dog-bite training suits'.

This is a common strategy employed by cyber crooks to make sure that their phishing web pages are not identified quickly by web site reputation services and also by other security software.

Having analyzed the Hungarian website, Cluley explained that in this case, a web site has been compromised and cybercriminals have implanted a fake PayPal homepage on the server of the hacked website. The owners of the hacked website probably are not aware of this and not taking enough care for their website security.

The expert suggests that everyone must be wary of phishing emails from PayPal and ensure that their own web site is not vulnerable to hackers who may inject malicious code and web pages.

Conclusively, this isn't the first time that PayPal's reputation has been abused by spammers in 2013, as emails impersonating it (PayPal) claiming that the recipient's PayPal account had been deleted and he must click a "Recover Account" link to retrieve his account, were identified in April 2013.

» SPAMfighter News - 10/9/2013