3/15/2023 0 Comments Paypal logo white![]() It accounted for 37.8% of all financial phishing attacks tracked by the cybersecurity company last year.Ĭybercriminals are devising elaborate ways to appear more convincing and dupe victims. This makes it a top target for cybercriminals.Īccording to the Kaspersky financial cyber threats report of 2021, PayPal is the most impersonated financial services company in the world. PayPal is one of the biggest payment platforms in the world, with about 325 million active accounts. PayPal Is the Most Impersonated Financial Service Company However, according to the Virginia Commonwealth University’s Phishing Net page, which contains a list of phishing scams and other malicious schemes, scammers will try to convince victims to install remote access software on their devices. It is unclear what happens when victims call the toll-free number. The attack succeeds whether the victims pay the invoice or call the toll-free number. ![]() While the email Oxdf received appeared to have been addressed to him by PayPal, in other instances, scammers have posed as other reputable organizations, like GoDaddy and the World Health Organization (WHO), to deceive victims.Īccording to Avanan, this scam works because it is a “double spear” attack. It just happens to be an invoice from someone to me, asking for $1000,” Oxdf wrote. The email also contained a link to pay the invoice, which takes the victim to a legitimate PayPal webpage. ![]() What’s unique about this attack is that the scammer successfully registered an account under the name “Billing Department of PayPal,” lending credence to the invoice. It was sent from -the address PayPal uses to send updates to users. The phishing email Oxdf received seemed legitimate. It is unclear if the company has taken steps to stop scammers from exploiting its invoicing system. “Hackers are using a combination of social engineering and legitimate domains to extract money and credentials from end-users,” Avanan researchers explained.Īvanan said they informed PayPal about the attack on July 19. In July, cloud email security solutions provider, Avanan, wrote about this scam, highlighting an instance where cybercriminals posed as Norton to dupe unsuspecting victims. “I knew right away that I didn’t have a PayPal account for this email, so I was sure it was fake,” Oxdf noted.Īlthough PayPal invoice scams have been around for some years, they have become increasingly popular in recent months. The email said the amount would be deducted from his account automatically in 24 hours if he did not call a toll-free number or visit the PayPal Support Center for assistance. On Monday, a Twitter user, identified as Oxdf, detailed one such attack where he received a fraudulent invoice from PayPal, asking him to either approve or dispute a bill of $1000 for two Walmart Gift Cards. Scammers are taking advantage of PayPal’s invoicing system to carry out elaborate and “convincing” phishing attacks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |