Phishing net open for PayPal users

By

A bait-and-switch scheme is targeting users of the financial service PayPal, according to security researchers.

A fraudulent phishing email originating in Romania is asking users to download supposed new security measures for the PayPal service. A deceived customer then downloads a trojan which modifies the DNS server of the PC and deletes itself.


"The next time the user attempts to visit the PayPal website, he or she will instead arrive at a phishing site," which asks for personal and credit card information, according to the website of WebSense, discoverer of the trojan last week.

The fake PayPal website has a section entitled, "Security measures: Are you traveling?" according to WebSense.

"PayPal is committed to maintaining a safe environment for its community of buyers and sellers," the fraudulent email reads. "To protect the security of your account, PayPal employs some of the most advanced security systems in the world, and our anti-fraud teams regularly screen the PayPal systems for unusual activity."

The PayPal site doesn't have a direct reference to the swindle, but it lists a number of tips for consumer password and email security.

"Look for a PayPal greeting," the company's site tells users. "PayPal will never send an email with the greeting 'Dear PayPal user' or Dear PayPal member.' Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account."

The site also asks users to share what they believe are fraudulent attempts to obtain personal information.

www.paypal.com
www.websense.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?