A highly sophisticated phishing campaign is targeting PayPal users with a deceptive email designed to grant scammers direct access to their accounts.
The attack, which has been circulating for at least a month, uses a clever trick that bypasses traditional phishing detection methods by leading victims to the official PayPal website.
The scam begins with an email that appears to be from a legitimate PayPal address, such as service@paypal[.]com.
The subject line, “Set up your account profile,” is intentionally misleading. The body of the email claims that a new payment profile has been detected with a charge of $910.45 at the cryptocurrency exchange Kraken.com.
This combination of a large, unexpected charge and the mention of cryptocurrency is designed to cause panic and prompt an immediate reaction from the recipient.
Security experts warn of several red flags that can help users identify the scam.
Although the sender address is spoofed to look authentic, the recipient’s address is often an unfamiliar one, indicating the email was sent to a mass distribution list rather than an individual.
Furthermore, the subject line has no connection to the alarming content of the message.
Perhaps the most significant giveaway is the lack of personalization. Legitimate communications from PayPal will always address users by their full name or business name, whereas this phishing email uses no greeting at all.
The true sophistication of the attack lies in the link provided in the email. Unlike typical phishing scams that direct users to a fake login page to steal credentials, this link sends the victim to the real PayPal website.
However, the link is specifically crafted to initiate the process of adding a secondary user to the victim’s account.
If a user clicks the link and follows the on-screen prompts, they are not disputing the fraudulent charge as they believe.
Instead, they are unknowingly authorizing the scammer as a secondary user. This gives the threat actor the ability to issue payments directly from the victim’s account, potentially draining their entire balance.
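The red flags described above can be checked mechanically, and the check must not be cleared by the fact that the link lands on the genuine PayPal site. The triage function below is an added example, not part of the original report; the sample message, the recipient address, the URL path, the keyword heuristics and the names `red_flags`, `ALARM` and `GREETING` are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample modeled on the description above (not a real capture).
SAMPLE = """\
From: service@paypal.com
To: bulk-recipient@example.net
Subject: Set up your account profile

A new payment profile has been detected with a charge of $910.45 at Kraken.com.
To review this activity, visit https://www.paypal.com/placeholder-path
"""

ALARM = re.compile(r"\b(charge[ds]?|payment|transaction|unauthori[sz]ed|detected)\b", re.I)
GREETING = re.compile(r"^\s*(hello|hi|dear)\b[ ,]+(.+)$", re.I)


def red_flags(raw, mailbox, account_name):
    """Return the article's red flags that apply to one plain-text message."""
    msg = message_from_string(raw)
    body = msg.get_payload()  # a str for the single-part messages handled here
    subject, flags = msg.get("Subject", ""), []

    # 1. Delivered to this mailbox but addressed to someone else (mass list).
    to_cc = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = {addr.lower() for _, addr in getaddresses(to_cc)}
    if mailbox.lower() not in recipients:
        flags.append("unfamiliar_recipient")

    # 2. No greeting carrying the account holder's full or business name.
    first = next((line for line in body.splitlines() if line.strip()), "")
    m = GREETING.match(first)
    if not (m and account_name.lower() in m.group(2).lower()):
        flags.append("no_personal_greeting")

    # 3. Alarming payment language in the body that the subject never mentions.
    if ALARM.search(body) and not ALARM.search(subject):
        flags.append("subject_body_mismatch")

    # 4. A link on the genuine domain does not clear a message that already
    #    tripped other flags; record it so URL reputation is not trusted alone.
    hosts = [h.lower() for h in re.findall(r"https?://([^/\s]+)", body)]
    if flags and any(h == "paypal.com" or h.endswith(".paypal.com") for h in hosts):
        flags.append("genuine_domain_link_not_exculpatory")
    return flags
```

A message that trips these flags should be routed for review even when every URL in it passes a domain reputation check.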
With over 434 million active users worldwide, PayPal remains a high-value target for cybercriminals.
To protect against this and similar attacks, users are urged to follow these safety measures:
- Be vigilant for red flags such as generic greetings, mismatched subject lines, and unfamiliar recipient addresses.
- Never click on links or call phone numbers provided in a suspicious email. Instead, go directly to PayPal.com in your browser to check your account activity.
- Enable two-factor authentication (2FA) on your PayPal account to add a crucial layer of security.
- Report any suspicious emails to [email protected] and then delete them from your inbox.