Threat Management

OpenDNS tracks PayPal spoofs built off

Multiple new phishing campaigns are leveraging's website creation services to spoof PayPal's legitimate site design and compromise victims' credentials.

Domains, including and, were registered in late January, according to an OpenDNS Security blog post. Both sites could pass for PayPal's legitimate website through their professional design. OpenDNS details five separate domains that switch up their designs to trick victims.

One of the sites,, attempts to spoof an Apple ID verification page, although Apple and PayPal are unrelated entities.

Another fake site is in Spanish, but sent to English speakers through a phishing email. In this case, some original content from PayPal servers is pulled onto the site.

OpenDNS reported the sites to PayPal and is coordinating with the company's Fraud and Abuse Department to take down the malicious spoofs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.