Researchers have observed a new phishing campaign targeting PayPal users, directing them to fake pages designed to look nearly identical to the legitimate sites.
According to ESET researchers, the attack uses “very convincing bait” in an effort to ultimately steal users’ login credentials and other confidential personal information.
The attack is carried out after users receive an email with the PayPal logo and wording that sounds authentic. However, users who pay close attention may notice grammar and syntax errors that suggest the author isn’t a native English speaker.
The email alerts users of “unusual activity” on their account, adding that PayPal has “place[d] a limitation” on their account as a security precaution.
“To help us with is and to find out what you can and can’t do with your account until the issue is resolved, log in to your account and go to the Resolution Center,” reads the email.
Users are urged to access their account using what appears to be a “Log In” button. The URL then directs them to the look-alike landing page, which even has an SSL certificate to suggest it’s authentic.
“…the domain has nothing to do with PayPal sites, but rather are scam URLs. As with other campaigns, scammers typically use a myriad of dynamically generated domain names – sometimes slight variations on the real name,” explained ESET researcher Cameron Camp in a blog post.
After entering their information, unsuspecting users are presented with another message that explains why they’re account has been “limited.”
“Here, they present a sense of urgency along with more frightening scare to try to coerce you into giving the attackers more information,” warned the researchers.
Next, users are inclined to click “Continue,” which will route them to another page asking for even more personal information, including their:
- Phone number
- Mother’s maiden name
- Social Security Number
- Date of birth
ESET researchers suggest users concerned about PayPal security to log in directly into PayPal.com and update their security settings, as well as updating their password.
“Whether you’re a PayPal users or not, keep in mind that cybercriminals are spending more and more effort to make their phishing websites look exactly like the real vendors’,” researchers said.
For more tips on how to protect yourself against phishing scams, read our article here.