Scammers Disseminating Unverified PayPal Transaction Phishing Emails

DAVID BISSON em 04/12/2017 no site The State of Security

Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information.

The attack emails lure in users with subject lines stating how PayPal couldn’t verify their transactions or complete their most recent payments. Here’s one example:

Example of unverified PayPal transaction phishing email. (Source: Malwarebytes)

We couldn’t verify your recent transaction

Dear Client,

We just wanted to confirm that you’ve changed your password. If you didn’t make this change, please check information in here. It’s important that you let us know because it helps us prevent unauthorised persons from accessing the PayPal network and your account information.
We’ve noticed some changes to your unsual selling activities and will need some more information about your recent sales.

Verify Information Now

Thank you for your understanding and cooperation. If you need further assistance, please click Contact at the bottom of any PayPal page.

Sincerely,

PayPal

Clicking on the “Verify Information Now” redirects the user to myaccounts-webapps-verify-updated-informations(dot)epauypal(dot)com/myaccount/e6abe. This fake landing page in turn attempts to direct them to a resolution center. There, they’re prompted to resolve the issue by providing “a little more information about [their] account transactions.”

A little more information? Try the user’s name, address, phone number, mother’s maiden name, date of birth, and credit card information.

Fake PayPal resolution center page where users are prompted to submit their personal information. (Source: Malwarebytes)

Christopher Boyd, lead malware intelligence analyst at Malwarebytes, explains the damage that submitting such data into the fake form can cause to users:

Sadly, anyone submitting their information to this scam will have more to worry about than a fictional declined payment, and may well wander into the land of multiple actual not-declined-at-all payments instead. With a tactic such as the above, scammers are onto a winner—there’ll always be someone who panics and clicks through on a “payment failed” missive, just in case. It’s an especially sneaky tactic in the run up to December, as many people struggle to remember the who/what/when/where/why of their festive spending.

Needless to say, this isn’t the first PayPal phishing campaign that’s targeted users, and it won’t be the last. Customers should therefore protect themselves by familiarizing themselves with some of the most common phishing attack types. If they come across a PayPal-related email that even remotely resembles one of those phishing scams, they should report it to PayPal here.