PayPal Phishing Attack Promises to Secure Accounts, Steals Everything

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/paypal-phishing-attack-promises-to-secure-accounts-steals-everything/

An ongoing phishing campaign is targeting PayPal customers with emails camouflaged as 'unusual activity' alerts warning them of suspicious logins from unknown devices and attempting to squeeze them dry of all their credentials and financial info.

As the ESET researchers that spotted these attacks discovered, the phishers are attempting "to trick users into handing over considerably more than ‘only’ their access credentials to the payment service."

To make sure that the potential victims are scared straight and more than willing to click on the link embedded within the phishing message, the attackers say that their accounts are limited until they're secured by confirming their identity.

"Please log in to your PayPal account and complete the steps to confirm your identity. To help protect your account, your account will remain limited until you complete the necessary steps," the phishing bait emails say.

"The security of your PayPal account is a top priority for us and we want to work together to help protect it."
... ...

 

[Antus67]

Sad situation these cyber criminals will go to no lenghts to get at your identity and your money. Good article Laser thanks

 

[Vasudev]

Reported incident like this on my account 6 months ago to their security team! They said they were grateful for notifying them.

 

[oldschool]

Reported incident like this on my account 6 months ago to their security team! They said they were grateful for notifying them.

I'll also report these to my email provider.

 

[TairikuOkami]

Paypal, where you can have 20 characters long password (compared to 200 on any forum) and they do not allow/copy paste, so you have to type it in somehow.