Subscribe to our mailing list

X

Is That PayPal Email a Fake?

By on February 24, 2015

Faked PayPal email notifications directing recipients to malicious websites aren’t new. But cybercriminals are getting a lot better at executing them.

That’s what the discovery of a current phishing campaign designed to lure victims to click to a pair of very well-designed faked PayPal websites shows.

The finding comes from researchers at OpenDNS, a free, ad-sponsored service for making faster, more secure website connections.

The fraudulent PayPal websites are virtually indistinguishable from the real PayPal.com, down to the images used on the login screen, the color palette, and the HTML code used in the page’s layout, the researchers found.

The faked sites were registered through a popular web hosting service and designed using the service’s extensive site-building tools, resulting in a professional and realistic-looking site. “An untrained observer might not notice and actually follow through with entering credentials,” OpenDNS researchers wrote.

More Believable Domain Names

Even the domain names were selected to confuse victims. The phishers used site names like “redirectly-paypal.com” and “security-paypal-center.com.” One forged domain, “x-paypal.com,” was a “perfect clone of the legitimate PayPal.com site,” the researchers said.

Phishing refers to how attackers lure victims into handing over sensitive information such as user names, passwords and financial information. For the most part, phishing attacks begin with an email that appears to be from a legitimate source, whether it’s a person or a business, asking for specific pieces of information. This latest phishing campaign began with fake emails masquerading as official communications from PayPal.com.

If the recipient falls for the trick and clicks on a link in the email, the victim is directed to a website — which looks legitimate — to enter the information. The Anti-Phishing Working Group, a global consortium of companies and agencies, counted 128,378 phishing sites in the second quarter of 2014. This is the second-highest number of phishing sites detected in a quarter, topped only by the 164,032 phishing sites active in the first quarter of 2012.

READ  Is Synchrony Bank and PayPal Doing Something Fishy?

While the majority of phishing attacks are not personalized and are sent to as many potential victims as possible, targeted phishing — also known as spear-phishing — also occurs. In those cases, the attacker uses information about the recipient to create an even more convincing lure.

A well-crafted targeted phishing attack can defeat even the best security controls if an attacker is able to collect highly privileged login credentials.

There are some indicators to look out for to avoid being phished, but they require careful scrutiny and a high level of alertness. The original phishing email may have some clues — such as the fact that it outright asks for the user password. Users can verify that the site is using HTTPS and a legitimate SSL Certificate. All the spoofed sites OpenDNS observed happen to use HTTP, which is not a likely situation for any site that engages in financial transactions.

“If the wording is off or it’s blatantly asking for you to enter your password somewhere, it could be phishing,” OpenDNS said.

These attacks are not new, but they are beginning to look more legitimate with every iteration. Website builders and hosts such as Wix.com make it simple to create a professional-looking website quickly. While that is great for users interested in setting up their own sites, it is also tremendously beneficial for attackers who need to conjure up sites quickly and frequently.

“The difficulty of identifying the validity of these websites visually will soon be untenable,” OpenDNS said.

Related Articles:

This article originally appeared on Credit.com.

Source

Last step, fill out the information below or call us for Priority Assistance.

What problems are you having with your report?

Your first name is required. Your first name is required to be at least 2 characters. Your first name cannot be longer than 50 characters.
Your last name is required. Your last name is required to be at least 2 characters. Your last name cannot be longer than 50 characters.
Your email is required.
Your phone is required. Your 10 digit phone number is required.
Your state is required.
Your age is required. Your age must be greater than 18. Your age must be less than 100.

By clicking on the "Contact Me" button above, you consent, acknowledge, and agree to the following: Our Terms of Use and Privacy Policy and to receive electronic communications. We take your privacy seriously. That you are providing express "written" consent for Debt.com or appropriate service provider(s) to call you (including through automated means; e.g. autodialing, text and pre-recorded messaging) via telephone, mobile device (including SMS and MMS - charges may apply), even if your telephone number is currently listed on any internal, corporate, state or federal Do-Not-Call list. Consent is not required as a condition to utilize Debt.com services and you are under no obligation to purchase anything.

By clicking on the “Contact me” button above, you consent, acknowledge, and agree to the following: (1)That you are providing express “written” consent for Lexington Law Firm, Debt.com or appropriate service provider(s) to call you (including through automated means; e.g. autodialing, text and pre-recorded messaging) via telephone, mobile device (including SMS and MMS – charges may apply), or dialed manually, at my residential or cellular number, even if your telephone number is currently listed on any internal, corporate, state or federal Do-Not-Call list; and (2)Lexington Law’s Privacy Policy and Terms of Use and Debt.com’s Terms of Use and Privacy Policy. Consent is not required as a condition to utilize Lexington Law or Debt.com services and you are under no obligation to purchase anything.

About Research Department

Here is where you will find important stories located from around the web which can impact you and your financial life.

Share a Comment / Leave a Reply

%d bloggers like this: