Sometimes back Gmail users were targeted with a phishing scam while recently PayPal has been affected by a similar phishing attack. PayPal is one of the most used online payment systems in the world hence it is a perfect target for cyber criminals.The phishing scam was targeted to steal all the PayPal users login credentials, confirmed Eset, a cyber security firm.
In phishing attacks, email-hackers usually send fake emails to the users tricking them to click on links embedded email, and then steal all the needed information while fooling them through the illegal link. Similar to this , in this scam hackers sent fake emails tricking users into believing that their PayPal account has been limited and can be resolved through contacting the official PayPal and making them click on the illegallink embedded in the email. However, the bad grammer and syntax used in the email was indicator of the fact that email was sent through some suspicious way and not by the PayPal team.
After clicking on the login tab and filling all the login details with PayPal email and passwords users were taken on a website which looked like an official PayPal account but had nothing to do with PayPal , here warning page was displayed explaining how user's account was put on restriction and instructing them that in order to claim their account back they need to click on "continue " tab , this was just to fool users to take them to other website. Now after taking users to other official looking PayPal website, the website asks for users full address, city, state, zip/postal code, country, phone number, mother’s maiden name, date of birth and social security number (SSN). This kind of scams happen very frequently and this incident shows that Scammers were not only after PayPal credentials but were looking for more.
Since online payment systems never asks for users SSN number, unsuspecting users can identify a scam here.Cyber criminals are after user's family and financial details so to conduct large scale identity scam using their credentials or to carry some other scam on another network .
Although this scam uses a fake email to steal PayPal login, in the past scammers used government emails for similar scams. Also, there are several other scams targeting PayPal users including “Confirm new security question scam, suspicious activity scam, payment made without permission scam , changes to legal agreement scam, sending phishing links in text messages. However to protect yourself from phishing attacks never download any unknown file and never click on link sent by unknown sender and check Hackread’s exclusive report explaining how one can identify and protect themselves from phishing scams.
If you have an account on PayPal, it is advisable to log in to your PayPal account by entering the web address into your browser’s address bar or via an official PayPal app. The PayPal website has a verified green signature .