PayPal Phishing Scam Reported
Posted by: Timothy Weaver on 06/15/2016 03:19 PM
[
Comments
]
As reported by My Online Security, PayPal users are being targeted by a new phishing scam that is meant to steal their credential.
The user gets an email with a link supposedly to PayPal. If the link is clicked on, the user is sent to a PayPal site but at the same time, their log in credentials is sent to a different domain.
Javascript in the link is triggered once the page loads and all communication with PayPal is sent to the phishing domain.
Users are totally unaware of the fraud. Normally when you hover the mouse over a link, it will reveal the URL, but since it is hidden javascript, this no longer works.
Users are being warned that it is dangerous to unzip attachments, especially if they are exe files.
Source: SCMagazine
The user gets an email with a link supposedly to PayPal. If the link is clicked on, the user is sent to a PayPal site but at the same time, their log in credentials is sent to a different domain.Javascript in the link is triggered once the page loads and all communication with PayPal is sent to the phishing domain.
Users are totally unaware of the fraud. Normally when you hover the mouse over a link, it will reveal the URL, but since it is hidden javascript, this no longer works.
Users are being warned that it is dangerous to unzip attachments, especially if they are exe files.
Source: SCMagazine
Comments
