Fortinet’s head of security, Carl Windsor, says that cybercriminals have created a new phishing attack using PayPal. It is a latest PayPal linked social engineering scam in which the attackers use an email address and URL which seems exactly like PayPal’s. Most people know to not check emails from unknown senders and some also check if a link is legitimate or not before clicking on it. Cybersecurity experts also recommend people to never open links if they are in emails sent from unknown companies or brands. If they want to check if the link is legitimate, just copy and paste the link in the browser.
Now the new PayPal phishing attempt isn't like traditional phishing attacks. Everything that the scammers are using, from URLs to the emails, are completely valid. So how is it possible? Windsor says that attackers are requesting money using a genuine PayPal address by circumventing the system. It is being said that scammers registered a MS365 domain and then created a distribution email with emails of victims. After that, the attackers went to Request Money from Anyone portal on PayPal and pasted all the email addresses from the distribution list. These emails then do not get flagged as malicious as they pass through all the authentication tools.
Inside the email, there is a PayPal link that seems legitimate and when users click on it, it takes them to the sign-in page of PayPal. Most of the time, users get panicked after receiving an email from PayPal and log in to their accounts to check their money. When the user logins their account, that's when the attackers link their accounts too. It is a neat trick by which scammers can easily take over a victim's account without them having a clue.
Fortinet CISO says that users should become a Human Firewall and get themselves trained that they should never open an unsolicited email no matter how real it looks. Even though some people cannot become Human Firewalls, they should still be suspicious of every email that comes your way.
Image: DIW-AIgen
Read next: Can Microsoft’s New Data Centers Truly Balance Water Savings and Energy Demands?
Now the new PayPal phishing attempt isn't like traditional phishing attacks. Everything that the scammers are using, from URLs to the emails, are completely valid. So how is it possible? Windsor says that attackers are requesting money using a genuine PayPal address by circumventing the system. It is being said that scammers registered a MS365 domain and then created a distribution email with emails of victims. After that, the attackers went to Request Money from Anyone portal on PayPal and pasted all the email addresses from the distribution list. These emails then do not get flagged as malicious as they pass through all the authentication tools.
Inside the email, there is a PayPal link that seems legitimate and when users click on it, it takes them to the sign-in page of PayPal. Most of the time, users get panicked after receiving an email from PayPal and log in to their accounts to check their money. When the user logins their account, that's when the attackers link their accounts too. It is a neat trick by which scammers can easily take over a victim's account without them having a clue.
Fortinet CISO says that users should become a Human Firewall and get themselves trained that they should never open an unsolicited email no matter how real it looks. Even though some people cannot become Human Firewalls, they should still be suspicious of every email that comes your way.
Read next: Can Microsoft’s New Data Centers Truly Balance Water Savings and Energy Demands?
