Beware of fake PayPal "Account Access Limited" phishing email
Posted on 02 December 2013.
Fake PayPal emails claiming recipients will have limited access to their account because they didn’t provide enough information have been landing for the last few days in inboxes around the world.

The emails seem to target PayPal customers in the UK, although those located in other countries may inadvertently fall for the scam as well.

Equipped with the PayPal logo, the message is well-written and edited and really does seem, at first glance, as though it was sent by the popular e-payment company:


But if you know what to look for, a closer look will reveal that the sender’s email address is spoofed, the email is not personalized, and the recipient is asked to share information and follow an embedded link.

“When sending emails, PayPal will always address you by name, never ‘Dear Customer’, ‘Valued PayPal Member’ or other generic greetings. Be very cautious of any message purporting to be from PayPal that claims that you must click a link or open an attachment to update account details or fix an account issue,” instructs Hoax-Slayer.

The same advice also goes for emails apparently sent by any other legitimate online service of which you are a customer.

“If you receive such an email, do not click on any links or open any attachments that it contains. It is always safest to login to your PayPal account by entering the address into your browser's address bar rather than by clicking a link in an email,” he advises.

In this particular case, the link in the email leads first to a spoofed PayPal login page that will record and send the inputed users’ login credentials to the criminals behind this scheme, and then to another phishing page where the users are asked to enter their personal (contact) details and credit card information.

Needless to say, that will also be forwarded to the crooks, who will then have more than enough information to mount identity theft, credit card fraud, and PayPal account hijacking attacks targeting these particular users.

As the holidays slowly approach and people increasingly buy goods and services online, the likelihood of them being tricked by similar emails is increasing. So do a good deed and advise your loved ones of this particular danger.









Spotlight

The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Nov 26th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //