PayPal scheme urges customers to phone in personal info

By

A new phishing scheme is tempting PayPal users to call a malicious phone number and leave their account information, researchers warned today.

Experts at Sophos said the scam email claims the recipient's account has been tampered with, but does not use a link or response address to bait PayPal users.


When a duped user calls the phone number, he or she hears the following message: "Welcome to account verification. Please type your 16-digit card number."

If incorrect information is entered, users hear a request for reentry, according to Sophos.

The new technique is an indication of malicious users' growing sophistication, said Ron O'Brien, senior security analyst at Sophos.

"This new technique is further evidence that spammers are getting smarter about the way they prey on innocent users," he said. "While many users have become too keen to click on links in unsolicited emails, it's more difficult for users to know the validity of a phone number."

PayPal is no stranger to phishing schemes, which have used a number of tactics to lure users to fraudulent websites. To this point, practically all such scams have used links to other sites or malicious email addresses.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?