Share

• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

In order for a phishing campaign to be successful, the cybercriminals behind it first need to ensure that their lures can reach potential victims, which is why they’ve recently turned to PayPal to send out fake invoices.

According to a new report from the Checkpoint-owned cybersecurity firm Avanan, cybercriminals are now using the legitimacy of PayPal to reach the inboxes of unsuspecting users.

Beginning in June of this year, the firm’s security researchers first observed this new technique which utilizes PayPal to send out malicious invoices and request payments. The cybercriminals behind this new campaign use free PayPal accounts to send emails from the company’s domain while spoofing the popular antivirus software brand Norton.

After creating an account, the cybercriminals use PayPal’s features to create fake invoices in which they edit the business name and fake phone numbers to make them appear more legitimate. 

These fake invoices also include a message that reads: “Thank you for purchasing Norton Security Premium plan, if you have not authorized this transaction please call us with your credit card details.” 

Unsuspecting users, who don’t remember signing up for Norton’s antivirus software, may call the number and provide their credit card details to avoid being changed. However, in doing so, they willingly give the attackers their phone number and payment information which can be used in future attacks.

The Static Expressway

This isn’t the first time that Avanan has observed cybercriminals abusing legitimate services in their attacks. In fact, just last month, it released a report detailing how QuickBooks was used to carry out a very similar type of attack.

As both QuickBooks and PayPal are on the Allow Lists of the best email services, emails sent from either service pass right through to reach a user’s inbox. Avanan calls this The Static Expressway and it refers to the practice of cybercriminals utilizing websites that are on static Allow Lists to ensure their phishing emails reach users’ inboxes.

In this case, Avanan notified PayPal of this new attack on July 19 and the company plans on updating its report with additional information once they hear back from the payments giant.

How to avoid falling victim to this and other phishing scams

In order to avoid this phishing scam, users first need to monitor their inboxes and PayPal accounts for fake invoices. If you receive an invoice for a product or service you don’t remember purchasing, you should check your PayPal account first to see if you may have ordered something and forgotten about it. However, you should never call the phone number on any fake invoices or provide your credit card details over the phone to anyone.

For those who are curious about the phone number on a fake invoice, Avanan recommends that users look up the phone number in a search engine first. Also, you can check a company’s website to see if the phone number provided on the invoice matches the one listed on their site.

Another big thing to look out for when it comes to phishing emails is a sense of urgency. Cybercriminals and scammers often give potential victims a short time frame to respond to their messages — this is a major red flag in regards to phishing scams and emails.

Now that Avanan is raising awareness to the fact that cybercriminals are abusing legitimate services to send out phishing emails, the companies being impersonated will likely require users to provide even more details when signing up to avoid having their services being misused.