Another malicious campaign initiated by the Amerika crew

Apr 30, 2013 08:37 GMT

A new PayPal-themed spam campaign has been launched by the Amerika crew, a criminal group that’s believed to be responsible for many of the major spam runs designed to lure users to malware-serving websites.

According to Dynamoo’s Blog, the latest series of malicious emails is entitled “Requested Reset of Yoyr PayPal Password,” and the emails inform recipients that their PayPal accounts have been put “on hold” until they reset their passwords.

“To get back into your PayPal account, you'll have to create a new password. It's easy: Click the link below to open a secure browser window. Confirm that you're the owner of the account, and then follow the instructions,” the malicious emails read.

Internauts who click on the links contained in the emails are taken to a legitimate website that has been hijacked by the cybercriminals. The compromised site is set up to redirect visitors to a landing site that serves a malicious payload.

I advise you to be on the lookout for such emails. To check if an email that appears to come from PayPal is legitimate, hover the mouse over the links and make sure they point to paypal.com and not to other domains.

Typos are also an indicator of scams. As you can see in this case, the spammers didn't even check the subject line of their emails, writing “Yoyr” instead of “Your.”