Phishing is still one of the common threats on today's Internet. Criminals try to get account information and other personal information from users by faking emails and websites of trusted services, websites and authorities.
Phishing is very common in the financial sector and PayPal is by far the service with the largest amount of phishing related attacks.
We have seen an increase of phishing emails with the subject "Your account has been temporarily limited" that target PayPal users. The from email address is firstname.lastname@example.org. The email body contains no links or clickable contents. It reads like this.
Dear PayPal account holder,
PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.
Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.
Download and fill out the form to resolve
the problem and then log into your account.
A html file with the name Restore_your_account_PayPal.html is attached to the email which mimics the official PayPal page but is executed on the local system.
It consists of a simple form asking users to fill out personal information which includes name, address, social security number and credit card. The form does not ask for PayPal login information.
The email is obviously fake and not from PayPal. Here are some clues why that is the case:
A look at the HTML source code reveals further inconsistencies. The document embeds elements from unofficial sites like Megabyet, the form action (which is where the form data is submitted and processed is also on Megabyet and not on PayPal.com.
What should you do with the fake email? You can forward it to email@example.com the way it is, or delete it right away if you do not want to forward it to PayPal's spoofing department.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.