Spamvertised ‘Confirm PayPal account” notifications lead to phishing sites

by

Share this news now.

PayPay users, beware! Phishers have just started spamvertising hundreds of thousands of legitimately-looking PayPal themed emails, in an attempt to trick users into entering their accounting data on the fraudulent web site linked in the emails.

More details:

Screenshot of the spamvertised PayPal themed campaign:

Sample spamvertised URL: hxxp://lejesepofol.altervista.org/plaoyap/plaoyap/index.htm

Sample spamvertised text: Dear PayPal Costumer, It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records before June 12, 2012. Once you have updated your account records, your PayPal® account activity will not be interrupted and will continue as normal.

Upon clicking on the link found in the phishing emails, users are presented with the following legitimately-looking PayPal login page:

Users are advised to avoid interacting with the emails, and to report them as fraudulent/malicious as soon as they receive them.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Share this news now.
Spamvertised 'Confirm PayPal account" notifications lead to phishing sites by

Trackbacks

  1. [...] fake emails have been sent out in the past handful of days. Here’s an instance offered by Webroot so that you know what varieties of “PayPal” messages to keep away [...]

  2. [...] PayPal account‘ notifications lead to phishing sites An extremely legitimately-looking PayPal themed emails has been hitting inboxes in the last few days, trying totrick users into entering their accounting [...]