EN
EN DE
EN
EN DE
Contact Us
Sign Up
Topics
Finance & insurance
Trade
Industry
IT & Consulting
Tourism
Transport
Law
Public

Unusual phishing attack targets PayPal users

0
Share:

The associated emails are genuine payment requests from PayPal. In fact, however, the attacker has something else in mind.

ArticlePosted onCarl Windsor, CISO of the cybersecurity company Fortinet, explains in a new blog post about a rather unusual phishing method with which he himself was confronted. This concerns a payment request sent via PayPal. The associated email comes from the sender [email protected] and appears legitimate at first glance. Even the link included points to a real PayPal URL.

Job market
IT Administrator – Infrastructure and Project Management (m/f/d)
City of Nürtingen, Nürtingen
IT Specialist / Product Owner (m/f/d) – digital health administration / digital specialist applications … (m/f/d)
Bavarian State Office for Health and Food Safety, Bad Kissingen
Detail
In fact, the mail also comes from PayPal. However, their sending was triggered by an attacker whose goal is to hijack other people’s PayPal accounts. According to Windsor, he registered a test domain with Microsoft 365 that could be used free of charge for three months and created an e-mail distribution list with the addresses of the attack victims.

He then used the function “Request money” at PayPal and entered the distribution address, so that the corresponding mail ended up in the mailboxes of all persons from the distribution list. Using Microsoft 365’s Sender Rewriting Scheme (SRS) feature, he also had the sender address rewritten to pass common security checks such as SPF, DKIM, and DMARC, Windsor explains.

Please do not log in
Recipients who click on the payment link in the e-mail land on a PayPal website with the created payment request and are asked to log in with their access data. According to Windsor, however, the respective PayPal account is linked to the attacker’s address by logging in, which is also visible on the login page. “The fraudster can then take control of the victim’s PayPal account,” warns the Fortinet CISO.

Display
Although PayPal warns against common phishing methods on its website, the scam described by Windsor is not covered. The fact that the payment request is sent via PayPal and thus via a trustworthy e-mail address is likely to inspire dangerous trust in many a recipient.

In addition, registering with PayPal alone does not trigger a payment, so some users could classify this step as harmless. With the process described by Fortinet, however, the account would already be hijacked.

Windsor considers the best protective measure to be “the human firewall” – i.e. the training of users to be careful with questionable e-mails, no matter how genuine links or sender addresses may look.

Advertisement: Click here for Hacking & Security: The Comprehensive Handbook at Amazon

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
8:57 pm, Jan 14, 2025
weather icon 9°C
L: 8° | H: 10°
overcast clouds
Humidity: 90 %
Pressure: 1034 mb
Wind: 6 mph WSW
Wind Gust: 0 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 100%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 8:00 am
Sunset: 4:18 pm
DailyHourly
Daily ForecastHourly Forecast
Today 9:00 pm
weather icon
8° | 10°°C 0 mm 0% 4 mph 91 % 1034 mb 0 mm/h
Tomorrow 9:00 pm
weather icon
6° | 9°°C 0 mm 0% 3 mph 97 % 1035 mb 0 mm/h
Thu Jan 16 9:00 pm
weather icon
5° | 9°°C 0 mm 0% 4 mph 96 % 1034 mb 0 mm/h
Fri Jan 17 9:00 pm
weather icon
4° | 8°°C 0 mm 0% 5 mph 92 % 1035 mb 0 mm/h
Sat Jan 18 9:00 pm
weather icon
2° | 7°°C 0 mm 0% 3 mph 90 % 1033 mb 0 mm/h
Today 9:00 pm
weather icon
7° | 9°°C 0 mm 0% 4 mph 91 % 1034 mb 0 mm/h
Tomorrow 12:00 am
weather icon
8° | 9°°C 0 mm 0% 3 mph 93 % 1034 mb 0 mm/h
Tomorrow 3:00 am
weather icon
7° | 8°°C 0 mm 0% 3 mph 95 % 1033 mb 0 mm/h
Tomorrow 6:00 am
weather icon
6° | 6°°C 0 mm 0% 2 mph 96 % 1034 mb 0 mm/h
Tomorrow 9:00 am
weather icon
7° | 7°°C 0 mm 0% 3 mph 97 % 1035 mb 0 mm/h
Tomorrow 12:00 pm
weather icon
9° | 9°°C 0 mm 0% 2 mph 89 % 1034 mb 0 mm/h
Tomorrow 3:00 pm
weather icon
9° | 9°°C 0 mm 0% 2 mph 89 % 1033 mb 0 mm/h
Tomorrow 6:00 pm
weather icon
7° | 7°°C 0 mm 0% 2 mph 95 % 1034 mb 0 mm/h
Weather from OpenWeatherMap
Name Price24H (%)
Bitcoin(BTC)
€94,082.56
3.46%
Ethereum(ETH)
€3,133.41
4.64%
XRP(XRP)
€2.59
6.44%
Tether(USDT)
€0.97
0.01%
Solana(SOL)
€181.79
3.05%
Dogecoin(DOGE)
€0.345731
7.22%
USDC(USDC)
€0.97
0.00%
Shiba Inu(SHIB)
€0.000020
3.83%
Pepe(PEPE)
€0.000017
5.34%
Peanut the Squirrel(PNUT)
€0.60
14.93%
Know and monitor IT vulnerabilities with just one click before it is too late.

Utility link

Useful link

Newsletter

Follow Us

Facebook Twitter Youtube Linkedin

© 2025 risikomonitor.com gmbh

Scroll to Top