Many PayPal users have seen their fair share of phishing emails ever since they signed up for the service. Being a financial service, PayPal is a high value target for criminal organizations.
Recently, a new phishing scam has been making the rounds that breaks with one of the fundamental tips to avoid being phished. You may have heard it before: one of the easiest options to identify most phishing emails is to look at the sender email. Yes, experienced users know that this is not perfect, but it can be used to weed out a good percentage of phishing mails straight away.
This new PayPal phishing scam passes that test, as its sender email appears to be [email protected]. This is a legitimate email address that PayPal uses for communication with its customers.
Surprisingly, this is not the first time that scammers have used PayPal systems to send phishing emails from legitimate PayPal email addresses.
The email states that a new address was added to the PayPal account in question. It lists the address and also information about shipment changes for a MacBook M4 Max. It contains a phone number that is supposedly from PayPal support as well.
So, how is that email coming from PayPal, you may ask? The answer might surprise you. Anyone may add multiple addresses to a PayPal account. These “gift addresses” may then be picked when you purchase goods on the Internet using PayPal.
When you add a new address, you are asked to add the street and number, zip and city. You may also add a second address line, and this is what the scammers use. You see, this line is not limited in characters. Instead of adding address information, they add the entire paragraph about the MacBook and the PayPal support number there.
PayPal sends the email to the linked account. The scammers create redirects for that original email address to forward the email to other PayPal users. Bleeping Computer has the details; in short, the scammers use mailing lists and automation for that.
So, the process up to this stage is as follows:
- The scammers sign in to one of their PayPal accounts.
- They add a second address to the account.
- They add the scam message in the second address field.
- PayPal sends the mail to the linked email address of the account.
- Automated systems forward the PayPal email to the addresses on a mailing list.
This email lands in your inbox then. You see that the mail seems to be coming from PayPal. You have probably not added a secondary address to your account just now, and even if you did, it was probably not the one listed in the email. That leaves a hacked account as a possibility.
The scammers hope that you come to that conclusion. They also hope that you do not do something rational, like opening the PayPal website manually, signing in to your account, and checking the settings to see if there is a new address or notification from PayPal.
They hope that you call the phone number that is included in the address update. This is not an official support number, but one that the scammers operate. Once you call, they try to get you to install software on your systems. One common strategy to get callers to fall for the scam is to apply pressure by scaring them.
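The scam described above leaves two traces a mail filter or analyst can check: the notification is addressed to the scammers' account rather than to your mailbox, and an address line carries a paragraph with a phone number. The following triage sketch is an added example, not code from the article or from PayPal; the sample message, addresses, phone number, function name and length threshold are all constructed, and it assumes the forwarded copy keeps the original To header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: every address, name and number here is made up.
SAMPLE = """\
From: Service <service@payments.example>
To: billing-list@forwarder.example
Subject: You added a new address
Content-Type: text/plain

You added a new address. This is just a quick confirmation.
1 Example Street
Confirmation: your shipment of MacBook M4 Max is changed. If you did not authorize this, call support at +1 (555) 010-0199 immediately
Springfield, 00000
"""

# 10 to 15 digits, optionally separated by spaces, dots, dashes or brackets.
PHONE = re.compile(r"(?:\+?\d[\s().-]*){10,15}")
PRESSURE = re.compile(r"\b(call|contact|did not|unauthori[sz]ed|immediately)\b", re.I)
MAX_ADDRESS_LINE = 60  # assumed ceiling for a genuine address line


def triage(raw: str, mailbox: str) -> list[str]:
    """Return the reasons a notification deserves a manual look."""
    msg = message_from_string(raw)
    reasons = []
    # The service mailed the scammers' account; a forwarded copy is not
    # addressed to the mailbox it finally lands in.
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    if to_addr != mailbox.lower():
        reasons.append("to-header-is-not-this-mailbox")
    for line in msg.get_payload().splitlines():
        # An address field has no reason to tell the reader to phone anyone.
        if PHONE.search(line) and PRESSURE.search(line):
            reasons.append("phone-number-with-call-to-action")
        if len(line) > MAX_ADDRESS_LINE and PHONE.search(line):
            reasons.append("overlong-line-with-phone-number")
    return sorted(set(reasons))


if __name__ == "__main__":
    print(triage(SAMPLE, "alice@inbox.example"))
```

A mismatched To header also occurs with ordinary aliases and forwarding rules, so treat it as a reason to check the account on the website, not as proof on its own.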
Best way to avoid these scams
All in all, it is best to avoid clicking on links in emails, opening attachments, or using any information displayed in emails, especially if you suspect them to be potential phishing emails.
Open the website of the service or the official app manually. You should be able to verify the claims made in those emails, and also contact support, provided that the service is offering any type of support.
Summary
Article Name: There is a new PayPal Phishing Scam that you need to know about (using real PayPal emails)
Description: A new scam uses PayPal’s own systems to send out phishing emails that use a legitimate PayPal email address.
Author: Martin Brinkmann
Publisher: Ghacks Technology News