Unusual phishing attack targets PayPal users


The emails are genuine payment requests from PayPal. The attacker, however, has something else in mind.

Carl Windsor, CISO of the cybersecurity company Fortinet, describes in a new blog post a rather unusual phishing method that he himself encountered. It involves a payment request sent via PayPal. The associated email comes from the sender [email protected] and appears legitimate at first glance. Even the included link points to a real PayPal URL.

The mail does in fact come from PayPal. Its sending, however, was triggered by an attacker whose goal is to hijack other people's PayPal accounts. According to Windsor, the attacker registered a test domain with Microsoft 365, which can be used free of charge for three months, and created an e-mail distribution list containing the addresses of the intended victims.

The attacker then used PayPal's “Request money” function and entered the distribution list address, so that the resulting mail landed in the mailboxes of everyone on the list. Using Microsoft 365's Sender Rewriting Scheme (SRS) feature, the attacker also had the sender address rewritten so that the mail passes common security checks such as SPF, DKIM, and DMARC, Windsor explains.
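A mail-gateway triage check for the relay pattern described above, as an added example that is not from Fortinet or the original article: it flags mail sent in PayPal's name whose To header is not the receiving mailbox and whose envelope sender was rewritten by SRS. The function name, the sample headers and the `bounces+SRS=` local-part form are assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Envelope senders rewritten by SRS carry an "SRS" tag in the local part:
# "SRS0=..." in classic SRS; "bounces+SRS=..." is the assumed Microsoft 365 form.
SRS_LOCAL = re.compile(r"(^|\+)SRS[01]?=", re.IGNORECASE)

def relay_indicators(raw_message, mailbox, brand_domain="paypal.com"):
    """List the reasons a brand-sent mail looks relayed through a third party."""
    msg = message_from_string(raw_message)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    if not from_addr.endswith("@" + brand_domain):
        return []  # not sent in the brand's name, out of scope for this check
    reasons = []
    to_addrs = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    if mailbox.lower() not in to_addrs:
        reasons.append("to-header-not-this-mailbox")  # arrived via a list
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    env_local, _, env_domain = envelope.rpartition("@")
    if SRS_LOCAL.search(env_local):
        reasons.append("srs-rewritten-envelope")
    if env_domain and env_domain != brand_domain \
            and not env_domain.endswith("." + brand_domain):
        reasons.append("envelope-domain-not-brand")
    return reasons

# Constructed sample headers, not taken from the incident.
RELAYED = (
    "Return-Path: <bounces+SRS=aB1cD=XY@tenant.example>\n"
    "From: PayPal <notify@paypal.com>\n"
    "To: billing-list@tenant.example\n"
    "Subject: Payment request\n\nbody\n"
)
DIRECT = (
    "Return-Path: <bounce@mail.paypal.com>\n"
    "From: PayPal <notify@paypal.com>\n"
    "To: alice@corp.example\n"
    "Subject: Payment request\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("relayed", RELAYED), ("direct", DIRECT)):
        print(name, relay_indicators(raw, "alice@corp.example"))
```

These are triage signals rather than a verdict: legitimately forwarded or Bcc'd mail can raise the same indicators, so they are best used to add a banner or route the message for review.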

Please do not log in
Recipients who click the payment link in the e-mail land on a PayPal page showing the payment request and are asked to log in with their credentials. According to Windsor, however, logging in links the respective PayPal account to the attacker's address, which is also visible on the login page. “The fraudster can then take control of the victim’s PayPal account,” warns the Fortinet CISO.

Although PayPal warns against common phishing methods on its website, the scam described by Windsor is not covered. Because the payment request is sent via PayPal, and therefore from a trustworthy e-mail address, many recipients are likely to place dangerous trust in it.

In addition, logging in to PayPal does not by itself trigger a payment, so some users could regard this step as harmless. With the process described by Fortinet, however, the account would already be hijacked at that point.

Windsor considers the best protective measure to be “the human firewall” – i.e. the training of users to be careful with questionable e-mails, no matter how genuine links or sender addresses may look.
