A wave of PayPal phishing emails


Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money.

One of the ways that criminals try to get their hands on your cash is by phishing for your PayPal account details.

An aggressive campaign that we have seen widely spammed out in the last few hours does precisely that, pretending to be a security warning from PayPal.

PayPal phishing email

From: "PayPal" <tax@ato.gov.au>

Subject: Please confirm your identity

Attached file: update-account.html

Message body:
When you will complete the document we have sent, remember to ALLOW javascript and ActiveX to run from the bar that will pop-up, otherwise we cannot verify the informations you have provided.

February 22, 2011:Valued PayPaI Member, We have reasons to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.


Thank you for your time and understanding, PayPal Resolution Center.

Clicking on the HTML attachment will open your web browser, and might trick you into believing that you are on the genuine PayPal webpage.

Attached file steals PayPal information

However, this attack’s intention is to trick you into handing over your credit card details, full date of birth, name and address.

If you’re ever uncertain whether a message really comes from PayPal or not, visit the real PayPal website and log in as usual. If they really have a security message for you, you’ll be able to read it via the PayPal messaging system itself.

Sophos products intercept the emails being used in this latest phishing campaign, ensuring that customers are protected.
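The traits of this message can be checked mechanically on a mail gateway or in triage: a "PayPal" display name on an ato.gov.au address, an HTML attachment, and a body asking the reader to allow JavaScript and ActiveX. The following is an added example, not code from the original article or from any Sophos product; the brand-to-domain table, the function names and the MIME layout of the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy

# Assumption for this example: brand keyword -> domains it legitimately sends from.
BRAND_DOMAINS = {"paypal": ("paypal.com",)}
ACTIVE_CONTENT = re.compile(r"allow\s+(javascript|activex)", re.I)

# Constructed sample: From, Subject and attachment name as quoted in the article;
# the MIME structure, boundary and attachment body are made up for the example.
SAMPLE = (
    'From: "PayPal" <tax@ato.gov.au>\n'
    'Subject: Please confirm your identity\n'
    'MIME-Version: 1.0\n'
    'Content-Type: multipart/mixed; boundary="b1"\n'
    '\n'
    '--b1\n'
    'Content-Type: text/plain\n'
    '\n'
    'remember to ALLOW javascript and ActiveX to run from the bar\n'
    '--b1\n'
    'Content-Type: text/html\n'
    'Content-Disposition: attachment; filename="update-account.html"\n'
    '\n'
    '<html><body>constructed placeholder</body></html>\n'
    '--b1--\n'
)

def domain_matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def phishing_indicators(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    sender = msg["From"]
    for a in (sender.addresses if sender is not None else ()):
        for brand, allowed in BRAND_DOMAINS.items():
            if brand in a.display_name.lower() and not domain_matches(a.domain.lower(), allowed):
                findings.append(f"display name claims {brand}, sender domain is {a.domain}")
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() == "text/html" or name.lower().endswith((".html", ".htm")):
            findings.append(f"HTML attachment: {name}")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and ACTIVE_CONTENT.search(body.get_content()):
        findings.append("body asks the reader to allow active content")
    return findings
```

The suffix check in `domain_matches` compares on a label boundary, so a look-alike host that merely starts with the brand's domain name is not treated as legitimate.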