Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money.
One of the way that criminals try to get their hands on your cash is by phishing for your PayPal account details.
An aggressive campaign that we have seen widely spammed out in the last few hours does precisely that, pretending to be a security warning from PayPal.
From: "PayPal" <firstname.lastname@example.org>
Subject: Please confirm your identity
Attached file: update-account.html
February 22, 2011:Valued PayPaI Member, We have reasons to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.
OPEN AND COMPLETE THE FORM ATTACHED IN THIS MESSAGE TO REGAIN ACCESS TO YOUR ACCOUNT.
Thank you for your time and understanding, PayPal Resolution Center.
Clicking on the HTML attachment will open your web browser, and might trick you into believing that you are on the genuine PayPal webpage.
However, this attack’s intention is to trick you into handing over your credit card details, full date of birth and name and address.
If you’re ever uncertain whether a message really comes from PayPal or not, visit the real PayPal website and log in as usual. If they really have a security message for you, you’ll be able to read it via the PayPal messaging system itself.
Sophos products intercept the emails being used in this latest phishing campaign, ensuring that customers are protected.Follow @gcluley