Image

Image

By this stage, you have already handed over your PayPal login credentials; nevertheless, the scammers attempt to collect far more than that. As Figures 6 to 9 show, in a series of steps you’re asked to surrender a range of sensitive information, including your credit or debit card data, access credentials to the bank account linked to the card and, lastly, the login to your email account.At that point, the scam reassured the user that their account was secure. In reality, the user had forfeited several pieces of their personal and financial information, data which an attacker could then use to commit identity theft and credit card fraud. Users can protect themselves against the scam described above by familiarizing themselves with some of the most common types of phishing campaigns in circulation today. They should also exercise caution around suspicious links and email attachments, not to mention implement two-factor authentication (2FA) on their email, banking and PayPal accounts.