June 26, 2012Dancho Danchev By Dancho Danchev

Spamvertised ‘Confirm PayPal account” notifications lead to phishing sites

PayPay users, beware! Phishers have just started spamvertising hundreds of thousands of legitimately-looking PayPal themed emails, in an attempt to trick users into entering their accounting data on the fraudulent web site linked in the emails.

More details:

Screenshot of the spamvertised PayPal themed campaign:

Sample spamvertised URL: hxxp://lejesepofol.altervista.org/plaoyap/plaoyap/index.htm

Sample spamvertised text: Dear PayPal Costumer, It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records before June 12, 2012. Once you have updated your account records, your PayPal® account activity will not be interrupted and will continue as normal.

Upon clicking on the link found in the phishing emails, users are presented with the following legitimately-looking PayPal login page:

Users are advised to avoid interacting with the emails, and to report them as fraudulent/malicious as soon as they receive them.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button