Hackers send phishing emails via PayPal domains

A brief note that I received from Check Point. Some readers may have an account with PayPal. Phishing is nothing new in this area: criminals exploit the trustworthiness of the PayPal brand name to trick mail verification systems and get their victims' money and contact details. Now a new wave of phishing appears to have run, using PayPal domains.



It is well known that hackers now routinely misuse big brand names. To lull their victims into a false sense of security, phishing emails pretend to be invoices or payment requests from well-known corporations such as Amazon, Microsoft or LinkedIn. This method is known as brand phishing. Now it turns out that the payment service provider PayPal has not been spared from this tactic.

Security researchers at Avanan, which was acquired by Check Point last year, have observed hackers using the PayPal escrow company to send malicious invoices and request payments. The criminals are even sending the email from the PayPal domain using a free PayPal account.

Paypal phishing email, source: Avanan

The email spoofs well-known brand names, in the example above that of Norton AntiVirus, and presents itself as an invoice. Technically, the trick works because PayPal is listed as a legitimate website in most email checking systems, so the email is forwarded unfiltered.

This approach is also known as the Static Fast Track and describes the practice of hackers targeting websites on these lists to get into the inbox. This method of attack via emails and brand identities is also called the Double Spear, because the user is first meant to call the phone number given and is then, in a second step, tricked into paying the bill. Along the way, the perpetrators learn not only the email address but also the phone number of their victims, which can be used for future fraud attempts. This can affect any end user. Avanan informed PayPal about the attack immediately after this discovery.
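One way a mail filter could respond to this, as an added example that is not code from Avanan, Check Point or this post: keep scoring the message content even when the sender domain is on the allow list. The allow list, brand table, regexes, thresholds and sample messages are all constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

ALLOW_LISTED = {"paypal.com"}  # assumption: domains the filter trusts outright
WATCHED_BRANDS = {"norton": "norton.com", "amazon": "amazon.com"}  # assumption
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
BILLING_RE = re.compile(r"\b(invoice|payment request|charged|renewal)\b", re.I)
CALL_RE = re.compile(r"\b(call|phone|contact)\b", re.I)

def in_domain(domain, parent):
    return domain == parent or domain.endswith("." + parent)

def callback_phishing_signals(raw):
    """Return content signals; an allow-listed sender is recorded, never trusted."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    text = f"{msg.get('Subject', '')}\n{part.get_content() if part else ''}"
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    signals = []
    if any(in_domain(domain, d) for d in ALLOW_LISTED):
        signals.append("allow_listed_sender")
    # A brand named in the text that does not own the sending domain.
    brands = sorted(b for b, home in WATCHED_BRANDS.items()
                    if re.search(rf"\b{b}\b", text, re.I) and not in_domain(domain, home))
    if brands:
        signals.append("foreign_brand:" + ",".join(brands))
    if BILLING_RE.search(text):
        signals.append("billing_language")
    if PHONE_RE.search(text) and CALL_RE.search(text):
        signals.append("callback_number")
    return signals

def verdict(raw):
    # Only content signals count; sender reputation cannot clear the message.
    content = [s for s in callback_phishing_signals(raw) if s != "allow_listed_sender"]
    return "quarantine" if len(content) >= 3 else "review" if len(content) == 2 else "deliver"

# Constructed sample messages (not real mail); the phone number is fictitious.
SAMPLE_PHISH = """\
From: service@paypal.com
Subject: Invoice from Norton Support

You have been charged 499.99 USD for Norton AntiVirus renewal.
If you did not authorize this, call +1 (555) 010-0199 to cancel.
"""
SAMPLE_LEGIT = ("From: service@paypal.com\nSubject: Receipt for your payment\n\n"
                "You sent 12.00 USD to Example Shop.\n")

if __name__ == "__main__":
    print(verdict(SAMPLE_PHISH), verdict(SAMPLE_LEGIT))
```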



How to protect yourself from phishing mails

Security researchers advise users to protect themselves from these attacks as follows:

  • Before calling an unknown service, search for the number on the Internet, as it may be listed as fraudulent there.
  • Check all accounts to see if charges have actually been incurred.
  • It is worth implementing advanced security measures, such as multi-factor authentication, to make it more difficult to access accounts.
  • If there is any doubt about the legitimacy of an email, the IT department should always be informed.

The best protection against phishing attempts is an attentive user with a critical eye.

