Not open for further replies.


Community Manager
Staff member
A new PayPal phishing campaign is making the rounds
PayPal's immense success has always attracted the interests of numerous cyber-crime groups, which have many times tried to get their hands on user account credentials by various means.

If hackers could not breach PayPal's servers, which are protected by a plethora of cyber-security business solutions and hardened through years of security best practices, most of the times, users have been targeted by a high number of phishing campaigns, one more complex than the other.

One of the most recent of such phishing campaigns is one detected by Comodo's Antispam Lab, where the hackers are using carefully worded emails to trick users into entering their PayPal email and password into a file attached to the email itself.

The email claims to be from PayPal's support team, and is alerting users victims of unusual activity on their account, urging them to update their profile to verify ownership over the profile.

The file attachment is nothing more than an HTML file, crafted to look like the official PayPal website.

Users are tricked into entering not only their PayPal email login and password but also other sensitive information like their credit card details, date of birth, complete name, phone numbers, mother's maiden name, and more of such.

As a tip from Softpedia, whenever you get such emails, you should always avoid clicking anything inside the email body, and manually open a browser, type in "" yourself, and authenticate using that window to see if everything is OK with your account
Not open for further replies.