PayPal users under attack from sophisticated new phishing scam — don't fall for this

PayPal logo on iPhone
(Image credit: Shutterstock)

PayPal users are being targeted by a new phishing scam that aims to steal funds and take over accounts by tricking users with convincingly faked emails. This new "account profile scam" was first documented in a blog post by Malwarebytes, whose researchers noticed that emails with the subject line "Set up your account profile" were being sent to PayPal users.

However, the body of these emails often contained different instructions for each recipient, using the kind of urgent language found in typical phishing emails, such as "this link will expire in 24 hours," or claiming that an amount has been charged to the user's account and needs to be disputed. The emails also include a button that takes the target to PayPal's genuine site, where they are walked through adding a secondary user to their account. Since a secondary user can issue payments, the scammer could then drain the target's account.

PayPal, with over 434 million active users, is an attractive target for scammers and threat actors. Malwarebytes reports that this particular campaign, which looks to have been active for at least a month, contains a spoofed sender address so it appears to come from a valid source: service@paypal[.]com or service@paypal[.]co[.]uk.

Scammers often use tools that let them put any address they want in the "From" field. Because many email systems do not check or validate that header, the forged address is displayed as though it were legitimate. Another giveaway in these emails is that they are addressed to a distribution list rather than to the recipient directly. Distribution lists let scammers send bulk mail to many targets, and when one is set up on a compromised domain, the unfamiliar list address in the "To" line often exposes the malicious activity.
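The following is an added example, not code from Malwarebytes or Tom's Guide, showing how the red flags above can be checked mechanically in a received message: whether the receiving server's DMARC verdict backs up the "From" header, whether the bounce (envelope) address aligns with the "From" domain, whether the message was addressed to a distribution list instead of you, and whether the body carries the urgency phrases the article quotes. Both sample messages, the `.test` domains and the `Authentication-Results` verdicts are constructed for the example.

```python
"""Header and body checks for the phishing red flags described above.
Added example; the two sample messages below are constructed, not real."""
import email
import re
from email import policy
from email.utils import getaddresses, parseaddr

# Sender domains the campaign impersonates (from the article).
TRUSTED_SENDER_DOMAINS = {"paypal.com", "paypal.co.uk"}

# Urgency phrases of the kind the article quotes (constructed list).
URGENCY_PATTERNS = [
    r"expire[sd]? in \d+ hours?",
    r"has been charged to your account",
    r"needs? to be disputed",
    r"verify your account",
]

# Constructed sample: forged "From", a failing DMARC verdict written by the
# receiving server, a distribution-list recipient, and urgency text.
SAMPLE_PHISH = b"""\
Return-Path: <bounce@attacker-relay.test>
Authentication-Results: mx.example.test; spf=fail smtp.mailfrom=attacker-relay.test; dkim=none; dmarc=fail header.from=paypal.com
From: "PayPal" <service@paypal.com>
To: billing-updates@compromised-tenant.test
Subject: Set up your account profile
Content-Type: text/plain; charset=utf-8

An amount of $1,099.00 has been charged to your account.
This link will expire in 24 hours.
"""

# Constructed sample of a message that passes every check.
SAMPLE_LEGIT = b"""\
Return-Path: <service@paypal.com>
Authentication-Results: mx.example.test; spf=pass smtp.mailfrom=paypal.com; dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
From: "PayPal" <service@paypal.com>
To: alice@example.test
Subject: Receipt for your payment
Content-Type: text/plain; charset=utf-8

You sent $12.00 to Example Shop. View the details in your account activity.
"""


def _domain(addr: str) -> str:
    """Lower-cased domain part of an address header value ('' if none)."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()


def _aligned(envelope_domain: str, from_domain: str) -> bool:
    """Rough stand-in for DMARC relaxed alignment: same domain or a subdomain."""
    return envelope_domain == from_domain or envelope_domain.endswith("." + from_domain)


def check_message(raw: bytes, expected_recipient: str,
                  trusted_domains=TRUSTED_SENDER_DOMAINS):
    """Return a list of (code, detail) findings; an empty list means no red flag."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []

    from_domain = _domain(str(msg.get("From", "")))
    envelope_domain = _domain(str(msg.get("Return-Path", "")))
    # Authentication-Results is added by the receiving server, not the sender,
    # so it is where the forged "From" actually gets verified.
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                               str(msg.get("Authentication-Results", ""))))

    # 1. A trusted brand in "From" means nothing unless DMARC passed.
    if from_domain in trusted_domains and verdicts.get("dmarc") != "pass":
        findings.append(("AUTH_FAIL",
                         f"From claims {from_domain} but dmarc={verdicts.get('dmarc', 'missing')}"))

    # 2. The bounce address (envelope sender) should align with the From domain.
    if envelope_domain and not _aligned(envelope_domain, from_domain):
        findings.append(("ENVELOPE_MISMATCH",
                         f"Return-Path domain {envelope_domain} != From domain {from_domain}"))

    # 3. Mail relayed through a distribution list shows the list, not you, in "To".
    recipients = {a.lower() for _, a in getaddresses([str(msg.get("To", ""))])}
    if expected_recipient.lower() not in recipients:
        findings.append(("RECIPIENT_MISMATCH",
                         f"addressed to {sorted(recipients)} rather than {expected_recipient}"))

    # 4. Urgency language of the kind quoted in the article.
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part else ""
    for pattern in URGENCY_PATTERNS:
        match = re.search(pattern, body, re.IGNORECASE)
        if match:
            findings.append(("URGENCY", match.group(0)))

    return findings


if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, check_message(raw, "alice@example.test"))
```

Note that none of these checks look at where the links point: in this campaign the button leads to the real paypal.com, so a legitimate link target does not clear a message. The headers and the recipient line are what give it away.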

How to stay safe

A person typing on a computer while hackers use phishing to steal a file from their computer

(Image credit: Shutterstock)

Malwarebytes says it has determined that this particular campaign has been running for at least a month and advises the following in order to stay safe:

Look out for the red flags listed above if you receive an email claiming to be from PayPal. Search any phone numbers and email addresses in the message to see whether they are associated with known scams. If you receive a suspicious email, you can forward it to phishing@paypal.com and then delete it.

If you receive a suspicious email, do not click on anything within it. Instead, go directly to paypal.com and check whether there are any messages for your account there. Additionally, make sure that you enable two-factor authentication (2FA) to add an extra layer of security to your online accounts. Bear in mind that 2FA only stops someone else logging in; it does not help if you are talked into adding a secondary user yourself on the genuine PayPal site, which is exactly what this scam walks you into, so the real safeguard is never to act on instructions from an unexpected email.

Finally, you want to protect your devices from the latest cyber threats by making sure you have one of the best antivirus programs installed and up-to-date on your computer. You also want to make sure that you're familiar with all of its features that can help you stay safe online like a VPN or a hardened browser.



Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 
