The cybercriminals behind a new phishing campaign are impersonating PayPal by sending fake order confirmations in an attempt to steal credit card information from unsuspecting users.
In November last year, security researchers from email security company Avanan, which is owned by Check Point, discovered a similar campaign that spoofed Amazon. These attacks were successful because they used legitimate links from Amazon and forced users to make a phone call to cancel their fake orders.
Avanan has now discovered a similar phishing campaign impersonating PayPal, and once again the attack gets users to call a phone number themselves in an attempt to cancel a cryptocurrency order placed on the payment platform. However, instead of the fake order being canceled, phone numbers are collected for future attacks and the user’s banking information can also be stolen.
If you have received any suspicious emails from PayPal recently, this is what you need to know to avoid becoming a victim of this scam.
Using fake PayPal order confirmation emails as a lure
In this new phishing campaign, the attackers first send what looks like a PayPal order confirmation to inform potential victims that they have purchased over $500 of Dogecoin. For anyone who wants to cancel the order, a customer support number is provided at the bottom of the email.
While calling the number may seem like the right thing to do, it actually is not, because the cybercriminals behind this scheme can use your phone number to carry out other cyber attacks through text messages, calls or WhatsApp messages. As the Avanan researchers point out in a blog post: “One successful attack can lead to dozens of other attacks.”
Although the number included in the emails seen by researchers is from Hawaii, those behind this campaign and others like it are not usually based in places like Hawaii. Instead, they register a phone number with a US area code before forwarding calls to an international relay.
The reason this attack worked is that there are no links in the body of the email sent to users. As a result, the message is able to bypass email security filters and ends up in the inboxes of potential victims.
How to avoid becoming a victim of this and other scams
To avoid the new PayPal phishing campaign, Avanan recommends users first look at the sender’s email address to make sure it’s legitimate. Next, they should check their PayPal account, where they will see that the order in question does not exist. This is easy to do because the cybercriminals provide a transaction ID and date, which will not appear in your PayPal order history.
It’s also worth noting that cybercriminals frequently impersonate major online retailers like Amazon and payment services like PayPal. If you have a legitimate email from one of these companies saved in your inbox, it’s easy to compare the two to see whether they have the same addresses, formatting, etc. A mismatch is a big red flag and often makes it easy to spot phishing emails.
Finally, you should always be careful when calling a number from an email. If you decide to call, do not provide your banking and payment information over the phone, as no legitimate company will ask you to do so.
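For mail administrators, the traits described above (a brand name with a sender address that does not belong to it, no links in the body, and a phone number to call) can be checked together. The following is an added example, not code from Avanan or PayPal; the function names, the `BRAND_DOMAINS` allow-list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains the impersonated brand really sends from.
BRAND_DOMAINS = {"paypal": ("paypal.com",)}
URL_RE = re.compile(r"https?://|www\.", re.I)
PHONE_RE = re.compile(  # North American numbers such as +1 (808) 555-0142
    r"(?<!\w)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")
CALL_RE = re.compile(r"\b(?:call|cancel|customer support)\b", re.I)

# Constructed sample modelled on the lure described above (not a real message).
SAMPLE_PHISH = """\
From: PayPal Service <service@billing-notice.example>
Subject: Order confirmation

You purchased $500.00 of Dogecoin. Transaction ID: EXAMPLE-ID.
To cancel this order, call customer support at +1 (808) 555-0142.
"""

def body_text(msg):
    """Concatenate every text/* part, decoding transfer encodings."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def callback_phish_signals(raw_message):
    """Collect the signals that together suggest link-less callback phishing."""
    msg = message_from_string(raw_message)
    name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    body = body_text(msg)
    seen = f"{name} {msg.get('Subject', '')} {body}".lower()
    brand = next((b for b in BRAND_DOMAINS if b in seen), None)
    legit = brand is not None and any(
        domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS[brand])
    signals = {
        "brand": brand,
        "sender_mismatch": brand is not None and not legit,
        "no_links": URL_RE.search(body) is None,
        "phone_numbers": PHONE_RE.findall(body),
        "asks_to_call": CALL_RE.search(body) is not None,
    }
    signals["suspicious"] = all((signals["sender_mismatch"], signals["no_links"],
                                 signals["phone_numbers"], signals["asks_to_call"]))
    return signals
```

The From header can be forged, so a mail gateway would weigh these signals alongside SPF, DKIM and DMARC results rather than rely on the visible address alone.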