Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


OpenDNS Intercepts Fresh PayPal Phishing Scam

OpenDNS Security Labs discovered one extensive phishing scam aimed at people using PayPal the well-known facilitator of Internet-based payments, a news that itbusiness.ca published February 11, 2015.

According to OpenDNS, the scam, which began 26th January 2015, along with the phishing site impersonating PayPal's login section continues to be prevalent.

Like always, probable victims are enticed towards accessing fraudulent web-pages looking like PayPal with phishing electronic mails masquerading as PayPal and often asserting about an issue with the end-users' A/Cs, while allegedly providing a web-link for reaching it.

If users click the web-link, they're led via several pages crafted for extorting the maximum possible financial and other personal data from them.

Several domains host the phishing site as they include 'paypal' inside their domain-names thus producing x-paypal[.]com, security-paypal-center[.]com, redirectly-paypal[.]com, among others. The domains' hostings are from different providers.

A few among the said PayPal-spoofed websites can hardly be distinguished from the real website since the identical else near-identical color scheme, text and images are used in them.

And aside simply copying PayPal website's name and design, the hackers in reality took copy of the HTML code straight off the real site for putting forth a persuasive display.

According to OpenDNS, it has informed PayPal about the scam so the 'fraud-and-abuse' wing of PayPal has started work for terminating those spurious websites.

Certain easy-to-understand recommendations follow from the security company such as being watchful about signs so one doesn't become victimized with the above kind of assault, like checking if the website uses HTTPS as well as one genuine SSL Certificate belong to the company visited. Each-and-every phishing website that OpenDNS detected delivered its content via HTTP that's extremely unusual with money-transfer websites.

More signs for noticing are layout presentations that vary from the actual website. There could be evidences in the phishing electronic mail pertaining to its genuineness, like in case the message's wordings are odd alternatively directly instruct the user for providing his password then it would prove it's a phishing e-mail. An increasingly savvy end-user may examine an e-mail's caption, tracking the path for figuring out whether it's impersonating some other entity, concludes OpenDNS.

ยป SPAMfighter News - 2/19/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page