A brilliantly designed website grabs the victims' login credentials

Jun 28, 2012 07:39 GMT

While spam campaigns launched by cybercriminals whose first language probably isn’t English still dominate the threat landscape, the number of schemes that are almost perfectly designed is constantly growing. Such is the case of the latest PayPal phishing emails.

Hundreds of thousands of well-designed fake emails have been sent out in the past few days. Here’s an example provided by Webroot so that you know what types of “PayPal” messages to avoid:

Dear PayPal Costumer,

It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.

However, failure to update your records will result in account suspension. Please update your records before June 12, 2012. Once you have updated your account records, your PayPal® account activity will not be interrupted and will continue as normal.

Users who make the mistake of clicking on the link are directed to a page that replicates a PayPal login page, with shopping advertisements, forged VeriSign logos, and everything else needed to make the scheme look legitimate.

The webpage is hosted on a free alterVISTA domain that looks something like this: lejesepofol.altervista.org/plaoyap/plaoyap/index.htm

This particular domain has been deleted, but that doesn’t mean that the phishers are giving up. In such operations, tens or even hundreds of shady domains are utilized.

On the other hand, these schemes may be well designed, but none of them is perfect, so as long as you take a minute to think before handing over your credentials, you should be fine. For instance, just look at the date in the message: the deadline it gives, June 12, 2012, has already passed. The fraudsters haven't even bothered to change it.
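The tells described above (a login link that is not on a PayPal domain and sits on free hosting, and a deadline that had already passed) can be checked mechanically during mail triage. The Python below is an added example, not code from Webroot or from this article; the brand and free-host lists, the http:// scheme, the receipt date and the function names are assumptions.

```python
import re
from datetime import date, datetime
from urllib.parse import urlparse

# Assumption: domains that legitimately host the brand's login page.
BRAND_DOMAINS = {"paypal": ("paypal.com",)}
# Assumption: free-hosting parents to flag; only altervista.org is from the article.
FREE_HOSTS = ("altervista.org",)

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
DATE_RE = re.compile(
    r"\b(?:January|February|March|April|May|June|July|August|September"
    r"|October|November|December) \d{1,2}, \d{4}\b")

# Constructed sample: wording and host/path quoted in the article; the
# http:// scheme and the link's position in the body are assumptions.
SAMPLE = (
    "Dear PayPal Costumer,\n"
    "However, failure to update your records will result in account "
    "suspension. Please update your records before June 12, 2012.\n"
    "http://lejesepofol.altervista.org/plaoyap/plaoyap/index.htm\n"
)

def host_matches(host, domains):
    """True if host equals a listed domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(body, received, brand="paypal"):
    """Return findings for a message that mentions `brand`."""
    findings = []
    if brand not in body.lower():
        return findings
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if not host_matches(host, BRAND_DOMAINS[brand]):
            findings.append(f"link host {host} is not a {brand} domain")
        if host_matches(host, FREE_HOSTS):
            findings.append(f"link host {host} is on free hosting")
    for match in DATE_RE.finditer(body):
        deadline = datetime.strptime(match.group(0), "%B %d, %Y").date()
        if deadline < received:
            findings.append(f"deadline {deadline} passed before receipt")
    return findings

if __name__ == "__main__":
    # Constructed receipt date, within the "past few days" before Jun 28, 2012.
    for finding in triage(SAMPLE, date(2012, 6, 26)):
        print(finding)
```

The host comparison is suffix-based on a dot boundary, so a name such as paypal.com.example.org is still reported as not being a PayPal domain.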

If, by mistake, you’ve already fallen for this scam, be sure to immediately change not only your PayPal password, but also any other passwords that are similar to it.