
PayPal Misused in Malicious Spam Campaign

According to the global security company Proofpoint, the online payment processor PayPal appears to be circulating spam emails, although each carries a genuine message telling the recipient that someone has requested him to send money. The person requesting the money also exists; the request simply comes through a PayPal account that the spammers registered after compromising his personal information. The spam emails that PayPal appears to be sending originate from the website's authorized email address, which is why victims fail to recognize the ruse.

The spammers used the form PayPal requires for money requests and placed customized text in its custom field. Along with the text, they added a shortened Goo.gl URL that opens a website from which a file named paypalTransactionDetails.jpeg.js is automatically downloaded onto the victim's PC.

But before that, if the URL is clicked, an amount of $100 is debited to the victim's PayPal account while his computer (a Windows PC) is infected with a Trojan called Chthonic, Itwire.com reported on July 27, 2016.

Proofpoint further observes that Chthonic pulls down a second piece of malware called AZORult. The function of this malware is not yet known, and an investigation into its characteristics is under way.

According to Kevin Epstein, vice president of threat operations at Proofpoint, it is not unheard of for malware distributors to exploit genuine websites. Nevertheless, the current spam campaign is so well engineered that it not only evades conventional security defenses but also tricks the victim into following malicious web links and paying money.

Unfortunately, the fake Goo.gl URL has been visited as many as 27 times. Moreover, it is uncertain whether genuine PayPal accounts were hacked; the crooks may instead have created fake accounts in the names of genuine account holders, from which the money requests came.

Proofpoint's analysis is that attacks of this type are hard for PayPal account holders to recognize. Instead, the company and similar customer-facing websites need to proactively check the authenticity of URLs as they pass through email and network gateways, and to check for fake messages. Additionally, they should provide basic information training to users.
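
The gateway-side checks recommended above, sketched as an added example (not code from Proofpoint or SPAMfighter): it flags shortened links in a message body and download names such as paypalTransactionDetails.jpeg.js, where a harmless-looking extension hides a script extension. The shortener list, the extension lists and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumed lists for this example: common URL shorteners, extensions that
# Windows runs as scripts or programs, and extensions that look harmless.
SHORTENERS = {"goo.gl", "bit.ly", "t.co", "tinyurl.com"}
EXECUTABLE_EXT = {"js", "jse", "vbs", "wsf", "hta", "scr", "exe"}
DECOY_EXT = {"jpeg", "jpg", "png", "gif", "pdf", "doc", "docx", "txt"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def shortener_urls(raw_message):
    """Return URLs in the text/plain parts whose host is a known shortener."""
    msg = message_from_string(raw_message)
    body = ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body += part.get_payload()
    hits = []
    for url in URL_RE.findall(body):
        url = url.rstrip(".,)")  # drop trailing sentence punctuation
        host = (urlsplit(url).hostname or "").lower()
        if host in SHORTENERS:
            hits.append(url)
    return hits

def deceptive_double_extension(filename):
    """True when a harmless-looking extension is followed by an executable one."""
    parts = filename.lower().rsplit(".", 2)
    return len(parts) == 3 and parts[1] in DECOY_EXT and parts[2] in EXECUTABLE_EXT

# Constructed sample message; the addresses and short link are placeholders.
SAMPLE = """From: service@payments.example
To: user@example.org
Subject: You have a money request
Content-Type: text/plain

A sender requests $100.00 USD. Note from sender:
Details of the transaction: https://goo.gl/EXAMPLE .
"""

if __name__ == "__main__":
    print(shortener_urls(SAMPLE))
    print(deceptive_double_extension("paypalTransactionDetails.jpeg.js"))
```

Because the campaign's messages came from the service's authorized address, sender-based filtering alone would pass them; these checks look at the user-supplied note text and the downloaded file name instead.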

» SPAMfighter News - 8/2/2016
