Cyber Insurance

Unusual phishing attack targets PayPal users


The associated emails are genuine payment requests from PayPal. In fact, however, the attacker has something else in mind.

Carl Windsor, CISO of the cybersecurity company Fortinet, describes in a new blog post a rather unusual phishing method that he himself encountered. It involves a payment request sent via PayPal. The associated email comes from the sender [email protected] and appears legitimate at first glance. Even the included link points to a real PayPal URL.

The email does in fact come from PayPal. However, its sending was triggered by an attacker whose goal is to hijack other people’s PayPal accounts. According to Windsor, the attacker registered a Microsoft 365 test domain, which could be used free of charge for three months, and created an e-mail distribution list containing the addresses of the intended victims.

He then used PayPal’s “Request money” function and entered the distribution list address as the recipient, so that the resulting email landed in the mailboxes of everyone on the list. Using Microsoft 365’s Sender Rewriting Scheme (SRS) feature, he also had the sender address rewritten so that the message passes common security checks such as SPF, DKIM, and DMARC, Windsor explains.
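
A defender-side triage sketch for the delivery path described above, added here as an example and not taken from Windsor's post or from Fortinet: it flags a message that carries the brand's From address but is addressed to someone other than the mailbox owner and has an SRS-rewritten envelope sender. The function names, the indicator labels, the sample headers and the `bounces+SRS=` pattern are assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# SRS0=/SRS1= are the standard SRS local-part prefixes; treating
# "bounces+SRS=" as the Microsoft 365 form is an assumption of this sketch.
SRS_RE = re.compile(r"^(?:SRS[01][=+-]|bounces\+SRS=)", re.IGNORECASE)

def in_domain(addr, brand):
    dom = addr.rpartition("@")[2].lower()
    return dom == brand or dom.endswith("." + brand)

def relay_indicators(raw, mailbox_owner, brand="paypal.com"):
    """List reasons a message from `brand` looks relayed through a third-party list."""
    msg = message_from_string(raw)
    if not in_domain(parseaddr(msg.get("From", ""))[1], brand):
        return []  # only messages claiming the brand are in scope
    reasons = []
    hdrs = msg.get_all("To", []) + msg.get_all("Cc", [])
    rcpts = {addr.lower() for _, addr in getaddresses(hdrs)}
    if mailbox_owner.lower() not in rcpts:
        reasons.append("owner-not-addressed")
    envelope = parseaddr(msg.get("Return-Path", ""))[1]
    if SRS_RE.match(envelope):
        reasons.append("srs-rewritten-envelope")
    if envelope and not in_domain(envelope, brand):
        reasons.append("envelope-domain-mismatch")
    return reasons

# Constructed sample headers; the local parts and .example domains are made up.
RELAYED = (
    "Return-Path: <bounces+SRS=AbCdE=XY@testtenant.example>\n"
    "From: PayPal <sender@paypal.com>\n"
    "To: billing-list@testtenant.example\n"
    "Subject: Payment request\n\nbody\n"
)
DIRECT = (
    "Return-Path: <bounce@mail.paypal.com>\n"
    "From: PayPal <sender@paypal.com>\n"
    "To: alice@corp.example\n"
    "Subject: Payment request\n\nbody\n"
)

if __name__ == "__main__":
    print(relay_indicators(RELAYED, "alice@corp.example"))
    print(relay_indicators(DIRECT, "alice@corp.example"))
```

Legitimate mailing lists and Bcc delivery also produce these indicators, so they are triage signals for review rather than a verdict.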

Please do not log in
Recipients who click the payment link in the email land on a PayPal page showing the payment request and are asked to log in with their credentials. According to Windsor, however, logging in links the respective PayPal account to the attacker’s address, which is also visible on the login page. “The fraudster can then take control of the victim’s PayPal account,” warns the Fortinet CISO.

Although PayPal warns against common phishing methods on its website, the scam described by Windsor is not covered. The fact that the payment request is sent via PayPal and thus via a trustworthy e-mail address is likely to inspire dangerous trust in many a recipient.

In addition, logging in to PayPal does not by itself trigger a payment, so some users may regard this step as harmless. In the process described by Fortinet, however, the account would already be hijacked.

Windsor considers the best protective measure to be “the human firewall” – i.e. the training of users to be careful with questionable e-mails, no matter how genuine links or sender addresses may look.
