PayPal-phishing-scam-BleepingComputer

PayPal users targeted in new SMS phishing campaign

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft.

When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which will put temporary restrictions on withdrawing, sending, or receiving money.

A new SMS text phishing (smishing) campaign pretends to be from PayPal, stating that your account has been permanently limited unless you verify your account by clicking on a link.

“PayPal: We’ve permanently limited your account, please click link below to verify,” the smishing text message reads.

Clicking on the enclosed link will bring you to a phishing page that prompts you to log in to your account, as shown below.

PayPal smishing text and landing page

If you log in on the phishing page, the entered PayPal credentials will be sent to the threat actors. The phishing page then goes a step further as it will try to collect further details from you, including your name, date of birth, address, bank details, and more.

Collecting personal information from the victim

The collected information is used to conduct identity theft attacks, gain access to your other accounts, or perform targeted spear-phishing attacks.

Yesterday, two other people I know received these phishing texts, so it is a very active campaign, and everyone needs to watch out for these messages.

Smishing scams are becoming increasingly popular, so it is always important to treat any text messages containing links as suspicious. As with all phishing emails, never click on suspicious links, but instead go to the main site’s domain to confirm if there is an issue with your account.

What should you do if you enter info at this link?

If you received this text and mistakenly logged into your PayPal account or provided other information, you should immediately go to Paypal.com and change your password.

If you use that same password at other sites, change them there as well.

Taken from Portal: https://www.bleepingcomputer.com/

You might be interested

Signage
Vasil Dzadik

10 Reasons why Businesses Should Now go for Digital Signage vs Traditional Signage

If you are a restaurant who is planning to offer free brownies on order above a specific amount, simply display the offer quickly on screens and prompt your customers to increase their order value. The best part about circulating prompt discounts with digital signage is that it helps you grab more orders and sales in no time.

Security
Vasil Dzadik

Ransomware Attacks On The Healthcare Sector Are Skyrocketing

In the spring of last year a number of criminal hacker crews pledged to leave hospitals, nursing homes and other healthcare entities alone until the Covid-19 pandemic passed. At least one ransomware gang saw that as an opportunity.

Copyright © 2020 Intellope, s.r.o. | All rights reserved.

THEMES

Most popular

Newsletter

You’ve read about the importance of being courageus, rebellious and imaginative.

Social club

There is no better advertisement campaign that is low cost.

Copyright © 2020 Intellope, s.r.o. | All rights reserved.