It hasn’t been possible to verify whether this report of a clever PayPal phishing (fake email with the aim of defrauding) scam is true. But it’s worth sharing in case it comes your way.
But blog My Online Security has reported that a sophisticated PayPal related scam may be doing the rounds. As they say: “I received, what at first glance looked like a “normal” PayPal phishing email. It looked a typical email from a clueless phisher, using one of the phishing kits, with a standard email with a HTML form attachment. OK nothing weird or different, except all the obvious links in the HTML go to genuine PayPal sites.
The phishers are using a hidden JavaScript redirect method to steal the data, while the submit button still shows as going to PayPal.com. This is extremely dangerous and very difficult for an average user to defend against and know that they are passing information to a criminal.”
You can read the full post here. And do lets us know if you’ve seen anything similar. And, needless to say, be vigilant as per.
2 Responses
The first point to make is that nobody with any sense would open a link in one these vile phishing emails, under any pretext whatsoever.
We don’t even answer questions through email, only by going back to the relevant site’s message page and answering from there.
The first thing with any ‘paypal’ email, is to check where it comes from, and as this phishing one is from a ‘godaddy’ account, surely it should be obvious it’s a fake ?
I clicked on your link to the original article, but didn’t understand all the explanations and analysis of the email content.
What surprised me was that a serious website felt the need to go into such an explanation, when the origin of the email was godaddy and not paypal – can someone explain why the blog my online security were not wasting their time, and what makes this phishing email so sophisticated when a simple glance at who it was from will make it obvious it doesn’t originate from paypal ?