ESET investigators warn of the circulation of a new phishing campaign that aims to steal credentials to access PayPal accounts.
The scam consists of sending SMS apparently sent by the online payment company and indicating that the victims’ accounts have been “permanently limited” due to suspicious activity. The message then asks the user to verify his identity by following the address sent.
ESET explains that although PayPal alerts every time a high-risk activity is detected on the account or when the Acceptable Use Policy (AUP) is violated, this case is clearly a phishing campaign based on in SMS, or smishing.
By clicking on the link included in the messages, the victim is taken to a fake login page, experts say. If access credentials are entered, the data is sent to the campaign authors, and there is also the possibility of theft of other information such as name, date of birth and bank details.
It is true that the tactic used by cybercriminals is not new and PayPal is one of the most used companies in phishing scams. However, attackers often change their methods of operation in order to defraud even more people.
Among the most used fraud tactics in PayPal, ESET highlights, for example, messages that claim that the victim won a prize and that he needs to pay a “transfer fee” to receive it, or even emails with false invoices as if they were transfers made to charitable works.
The stolen data can then be used in other scams, identity theft, or compiled into lists that are sold on the Dark Web. The situation gets even worse when victims use the same credentials on other services.
To avoid falling victim to such attacks, researchers recommend that you pay extra attention to the messages you receive. You should also activate two-factor authentication methods and, in order not to reuse your credentials, it is recommended to use a password management application.