Spam Mails Masquerading as PayPal, Warns Webroot

According to a warning that Webroot the security company has just issued, innumerable bogus e-mails are targeting people's mailboxes since a few days as they pretend to be from PayPal.

The e-mails inform of certain payment received of a stated value $208, however, these don't specify the good or service it's related to, Webroot highlights.

Guessing that the e-mail will arouse curiosity among recipients regarding the payment coming most unexpectedly, the spam sender presents an attachment apparently to give details regarding the same.

Nevertheless, the attachment contains one backdoor Trojan that Webroot detected to be Backdoor.Win32.Androm.fm;Worm:Win32/Gamarue.

Webroot also observes that 33 anti-virus scanners from the total 42 of Virus Total have detected this Trojan.

Worryingly, it's because of the above kinds of bogus e-mail campaigns which has resulted in an increase in spam online, state Webroot's researchers. Their remark gets the backing of the "Intelligence Report for July 2012" by Symantec another security company whose data show that the worldwide prevalent percentage of junk e-mails to the total e-mail traffic increased 0.8% in the said month to 67.6% from June 2012.

In any case, security experts suggest Internet users for being extremely careful with PayPal-spoofed electronic mails, which particularly direct them for viewing an attachment alternatively following a web-link, to avoid getting victimized with a bogus e-mail as above. Additionally, if recipients of the current e-mail are so curious that they can't resist going through it in detail then they require accessing their PayPal A/c via the usual method of typing in the web address inside their browser's address bar alternatively resorting to a bookmark, if they've constructed one, as a means to remain secured, Webroot's experts suggest.

The experts in addition state that as PayPal performs chiefly over the Internet as well as communicates with clients mainly through e-mail, the payment service, since an extensive time-period, has been an attack point for cyber-criminals such as phishers and spammers. For example, during August-beginning this year (2012), one PayPal phishing campaign circulated online, notifying probable victims that owing to their credit or debit card companies their transactions could not be accepted.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 9/7/2012