New PayPal phishing scam hooking victims

This PayPal scam is instead casting a wide net to obtain sensitive data from as many people as possible.
This PayPal scam is instead casting a wide net to obtain sensitive data from as many people as possible.

The research firm AppRiver is reporting a new PayPal phishing scam is making the rounds with this version using a phony security message to obtain personal identifiable information.

While spearphishing attacks have been grabbing most of the headlines lately, AppRiver researcher Troy Gill said the PayPal scam is instead casting a wide net to obtain sensitive data from as many people as possible. The supposed PayPal email informs the victim their account has been placed on a “limited” status with no activity allowed until certain information is confirmed.

The email has an HTML attachment that launches the recipient to a page where the personal data can be input, to include name, address, mother's maiden name, payment card information, Social Security number and phone number.

Gill said the HTML page is a dead giveaway that this is a scam, but an unknowledgeable person might not realize PayPal would simply direct someone to their account page.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS