Thursday, October 9, 2014

Iranian cyber criminals target PayPal users with phishing attack



PayPal users were targets of a phishing attack in late 2014. The perpetrators sent out spam emails directing unsuspecting members of the public to follow a link to web pages that looked similar to PayPal pages, where customers' personal details were collected.


A known Iranian cyber criminal who was involved in setting up the attack first registered a number of web domains used to host phishing sites, one of which is http://com-paypal-verification.com:2222/. The false domains are designed to look like official PayPal money services sites and login screens, and they collect login details, passwords and credit card numbers.
This is a credential harvesting attack, which is an example of serious cyber crime.

This attack captures account usernames and passwords, which then give the attackers access to the PayPal account. It is best to hover your mouse over a link, or tap and hold it on a mobile device, to see its destination. If you do click on such a link, one or more of the following could happen:

  1. You could be directed to a spoof website that collects your personal data (as in the Iranian credential-harvesting attack above)
  2. Spyware could be installed on your system (it can monitor your actions using a keylogger to steal passwords and/or credit card numbers you type online)
  3. Malware could be installed on your computer that could disable it

How to tell a fake PayPal site:
  • If it does not include the paypal.com domain, then it is not legitimate
  • Only enter your password on a paypal.com site whose address starts with https
  • URLs:
    • If the alleged PayPal domain contains an @ sign, then it is fake
    • Only the paypal.com domain is legitimate (it could redirect to your country's site); examples of fake URLs are www.paypalsecure.com, www.secure-paypal.com or, in the case of the Iranian attack, http://com-paypal-verification.com
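
The checks in the list above, written as a small Python function (an added example, not code from the original post). The function name, the reason codes and the `login.example.net` sample are constructed for illustration; the function covers only the rules listed here.

```python
from urllib.parse import urlsplit

LEGIT_DOMAIN = "paypal.com"  # the only domain the post treats as legitimate


def check_paypal_url(url):
    """Return the list of checks a URL fails; an empty list means it passes."""
    # Bare hostnames like "www.paypalsecure.com" carry no scheme. Parse them
    # as plain http so the host is still extracted and the https check fails.
    if "://" not in url:
        url = "http://" + url
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return ["unparseable"]

    failed = []
    # Rule: an "@" in the address means the text before it is user info,
    # and the browser connects to the host that follows it.
    if "@" in parts.netloc:
        failed.append("at-sign")
    # Rule: the host must be paypal.com itself or a subdomain of it.
    # A substring match would wrongly accept com-paypal-verification.com.
    if host != LEGIT_DOMAIN and not host.endswith("." + LEGIT_DOMAIN):
        failed.append("wrong-domain")
    # Rule: only enter a password on an https page.
    if parts.scheme != "https":
        failed.append("not-https")
    return failed


# Sample inputs: the URLs named in the post plus constructed ones.
SAMPLES = [
    "https://www.paypal.com/signin",               # constructed, passes
    "http://com-paypal-verification.com:2222/",    # from the post
    "www.paypalsecure.com",                        # from the post
    "www.secure-paypal.com",                       # from the post
    "https://www.paypal.com@login.example.net/",   # constructed "@" case
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_paypal_url(sample) or "passes")
```
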
