A fake website designed to mimic the official PayPal site is being used in a ploy to steal recipients’ log-in details and credit card information.
A fake website designed to mimic the official PayPal site is being used in a ploy to steal recipients’ log-in details and credit card information.
Being blocked by MailGuard today, the scam tells recipients their PayPal access has been ‘limited’ until they update their account details.
The cybercriminals claim the restriction is because the account holder has violated their agreement with PayPal.
The email includes an authentic-looking ‘Case ID Number’ and tells recipients they have two days to restore their account, via an ‘Update Now’ button.
An unusual subject line, jolted sentence structures and the failure to capitalise the first words of sentences are hints that the text isn’t the work of a professional.
Those who click the button are directed to the apparently-compromised domain of a French-Canadian singer. The page has a PayPal logo and requests a user name and password.
Those who input their information have unknowingly handed over their PayPal login details to the scammers. Victims are then greeted with a second page asking them to update their account information.
Next, victims asked to input credit card details, including security code.
Note that the progress bar at the top of the page remains static at 30%.
Those who fill out the form and hit ‘Save’ have unwittingly given cybercriminals free reign over their credit card.
Next, a ‘success page’ tells the recipient they have successfully restored their account access.
Eagle-eyed readers may spot some sloppy spelling and grammar – the hallmarks of most phishing scams. ‘Your have restored your account access’ and an uncapitalised ‘re-login’ button are examples.
When users click ‘re-login’, they’re taken to the legitimate PayPal site. Unsuspecting users may never realise they have been scammed.
Protection against phishing emails
To protect your business against scams like this PayPal phishing email:
If you are unsure if a PayPal email is legitimate, simply contact the company directly.
Find more tips on identifying email scams by subscribing to MailGuard’s blog.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.