Phishing Websites Virtually Indistinguishable from Paypal’s Legitimate Properties
February 11, 2015 01:44 PM Eastern Standard Time SAN FRANCISCO--(BUSINESS WIRE)--OpenDNS, a leading provider of cloud-delivered security, today released information on its OpenDNS Security Labs Blog regarding a new PayPal phishing campaign that is demonstrating an unprecedented level of sophistication. Starting on January 26, OpenDNS Security Labs began tracking multiple fraudulent PayPal websites that were used as part of a coordinated campaign to harvest international users’ account credentials, credit card numbers/PINs and other personal information such as passport and driver’s license numbers. The malicious websites were created using free online tools and were virtually indistinguishable from the actual PayPal.com property. OpenDNS Security Labs is currently working with PayPal’s Fraud and Abuse Department to take down the malicious sites.
Full Article
OpenDNS Discovers New, Highly Sophisticated PayPal Phishing Campaign
+52Active spam campaign leads to sophisticated PayPal phishing sites
PayPal-themed phishing campaigns are nothing new, but they are more and more legitimate-looking as time goes by.
Researchers with OpenDNS Labs have spotted one such campaign that started on January 26th, and some of the spoofed PayPal login pages are still up.
As per usual, potential victims are lured to the fake pages with emails impersonating the popular e-payments company, usually claiming that there is a problem with the user's account, and ostensibly offering a direct link to it.
Following the link leads the victims through a chain of pages created to extract as much personal and financial information from them as possible:
http://www.net-security.org/images/articles/pp-phish-12022015.jpg
Full Article
PayPal-themed phishing campaigns are nothing new, but they are more and more legitimate-looking as time goes by.
Researchers with OpenDNS Labs have spotted one such campaign that started on January 26th, and some of the spoofed PayPal login pages are still up.
As per usual, potential victims are lured to the fake pages with emails impersonating the popular e-payments company, usually claiming that there is a problem with the user's account, and ostensibly offering a direct link to it.
Following the link leads the victims through a chain of pages created to extract as much personal and financial information from them as possible:
http://www.net-security.org/images/articles/pp-phish-12022015.jpg
Full Article
Helpful Webroot Links: Download (PC) | Download (Best Buy Subscription) | Submit Support Ticket | Account Console | User_Guides | BrightCloud URL lookup
1 person likes this
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.