sb-eu logo
Story image

PayPal phishing scam uses 'safety' features to trick people

26 Jul 2019

The wave of scam and phishing emails just doesn’t stop. This time, a bunch of PayPal scam emails are doing the rounds, and this time they’re more devious than ever. 

These scams use safety features to steal victims’ confidential data, and are ‘brandjacking’ trusted names in the industry to conduct their attacks.

In this case, a newsletter email service called was compromised at some point. Attackers are using this service to send fake emails with the display name “PayPal”.

According to security firm MailGuard, the message is a ‘confirmation’ that a new email address has been added to their PayPal account.

The email then asks users to click a link that says ‘let us know right away’ if they did not add the email address to the account. 

When users click on the link, they are taken to a clone of the PayPal website – but that website is anything but real. The page leads to another PayPal-branded login page requesting users for an email or mobile number.

When users click ‘next’, they are asked for their password. They then appear to ‘log in’ to PayPal.

Users are then asked to update their billing address.

When they do so, they are then asked for their credit card information.

After they’ve done all that, they are then redirected to the genuine PayPal website.

“Several techniques have been employed in this email to look like a genuine notification from PayPal, including the usage of high-quality graphical elements such as the company’s logo and branding,” comments MailGuard.

“Another technique is the attempt to evoke urgency; telling the recipient to ‘let us know right away’ creates a sense of anxiety and panic that their account isn’t safe. This also motivates the recipient to click on the provided link right away, distracting them from checking the sending address of the email and looking out for any other errors.”

“It is also interesting to note that the body of the scam email is, ironically, focused on securing the users’ PayPal accounts. This only adds on to the sense of legitimacy evoked by the email as security updates such as a new email address is a common notification expected of such a well-established company. All this serves to elicit a more confident response from recipients who think they are, in fact, making their accounts more secure by clicking on the provided link and entering their confidential login details.”

MailGuard says if people are sure if an email is genuine, they should contact the company directly. People should also:

•    Beware of emails that contain grammatical or branding errors, but purport to be from reputable organisations.
•    Always hover your mouse over the links contained in emails in order to check their legitimacy – don’t click them unless you are sure they are safe.
•    To ensure safety, type the URL of the organisation you are intending to visit manually into your browser or navigate through Google search to find the correct website before entering your credentials.
•    Be particularly wary of emails asking you to supply personal details that the purported organisation should already know, especially those which ask for credit card or bank account details.

Story image
HP CEO: "Please stay safe" during coronavirus outbreak
“The entire HP leadership team and I are ready to support you in the coming weeks and months. Do not hesitate to reach out to us or our teams at any time.”More
Story image
Interview: Barracuda decision-makers discuss public cloud security
Last month, Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for such organisations.More
Story image
It’s time for firms' cybersecurity credentials to take centre stage
leading enterprise database was also used to identify whether each company had a chief information security officer (CISO) or a chief security officer (CSO). The results proved extremely interesting…More
Story image
WatchGuard to acquire Panda Security
Once the integration is complete, customers and partners will have access to a security platform that bridges the network and user perimeter.More
Story image
Mentorship key to bringing women into cybersecurity - Microsoft
“Diverse teams make better and faster decisions 87% of the time compared with all male teams, yet the actual number of women in our field fluctuates between 10 and 20%. What ideas have we missed by not including more women?”More
Story image
COVID-19: Surfshark joins growing list of companies offering free services
The VPN service has recently announced its intention to offer free six-month subscriptions for small businesses, as more countries tighten quarantine measures and finances become strained.More