Sophos Cloud Optix
Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money.
One of the way that criminals try to get their hands on your cash is by phishing for your PayPal account details.
An aggressive campaign that we have seen widely spammed out in the last few hours does precisely that, pretending to be a security warning from PayPal.
From: "PayPal" <tax@ato.gov.au>
Subject: Please confirm your identity
Attached file: update-account.html
Message body:
When you will complete the document we have sent, remember to ALLOW javascript and ActiveX to run from the bar that will pop-up, otherwise we cannot verify the informations you have provided.February 22, 2011:Valued PayPaI Member, We have reasons to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.
OPEN AND COMPLETE THE FORM ATTACHED IN THIS MESSAGE TO REGAIN ACCESS TO YOUR ACCOUNT.
Thank you for your time and understanding, PayPal Resolution Center.
Clicking on the HTML attachment will open your web browser, and might trick you into believing that you are on the genuine PayPal webpage.
However, this attack’s intention is to trick you into handing over your credit card details, full date of birth and name and address.
If you’re ever uncertain whether a message really comes from PayPal or not, visit the real PayPal website and log in as usual. If they really have a security message for you, you’ll be able to read it via the PayPal messaging system itself.
Sophos products intercept the emails being used in this latest phishing campaign, ensuring that customers are protected.
I've received these e-mails several times purportedly from PayPal, but didn't fall for it. However, someone did hack my Visa number last year and used it to run up about $2000 in charges. This had to be from some online site, as I don't use my Visa card otherwise. Scary stuff, but Visa made good and refunded the fraudulent charges eventually. I immediately got a new card and number. I hate to think of how many people actually fall for this scam.
One of the biggest clues to these phishing emails is the lack of correct English grammar and spelling. You'd think these idiots would at least TRY to make it appear more legit.
Real mail from PayPal is always addressed to you by name, which gives you a really good clue for spotting fakes.
Also, if you receive a phishing email be sure to tell the company involved.
Strange how it's coming from the 'Australian Taxation Office' yet it still says Paypal?
When I had an active paypal account, I use to get these all the time. I only used paypal for ebay purchases but don't buy from ebay or use paypal anymore.
I've had to close out numerous yahoo email accounts because I kept getting phishing emails from spammers using legit companies. I stopped using yahoo as an email source. I've been using gmail, so far no problems.
Ah, but is this a real genuine article, or is this a ruse saying pay pal is otherwise safe to use, and don't make corrections to your account so we can continue to steel from it:) LOL
I didnt fall for the false query either, but it is good to know that people like Graham are posting these things to keep us all in the know. The dead giveaway for me was the .gov.___The second DOT was the first clue.
Thanks Dude!!