The new phishing and spoofing scam has taken away far more than just login credentials from PayPal.
To protect yourself and your organisation against such scams, understand phishing and spoofing. You also know how the latest phishing attack on PayPal took place.
“Phishing” is an attempt by fraudsters to “fish” by email for your personal / financial / investment information.
In general,’ phishing’ attempts come in the form of an email that claims to be from a very well-known organisation to win the confidence of the reader. You are then normally encouraged to click a link inside the email to a fake page intended to collect your knowledge.
While some e-mails due to poorly designed and bad grammar are very easy to recognise as bogus, others can look credible sources. However, in the ‘From’ area alone, you can not depend on the name or address, as this can be easily abused. For starters, look at the picture below, which looks like PayPal is coming to ask you to take some action.
However, one must be very vigilant about the destination of the link, i.e. if you hover on the link, then the validity of this email will be enough for you to recognise.
‘Phishing’ emails usually require you to click on a connexion that takes you back to a spoof website that appears similar to the one listed in an email, where you are asked to include, upgrade or validate confidential personal details, but it can be difficult to spot. Such emails can indicate a sense of urgency or threatening circumstances to spur you into action.
The data most often sought by such means may be:
- User ID / Passwords
- Bank Account Details
- Credit Card Details or CVV
- Or Other verification parameters
The new phishing and spoofing fraud that took away more than logins from PayPal
ESET researchers recently exposed an ongoing phishing scheme that, by claiming to be PayPal, stole all the important stuff.
As mentioned above, the attacker plotted the user by sending an warning message to your account “unusual behaviour,” protect it by clicking on the connexion offered.
When you pressed, it was routed to a tab that appeared like a PayPal website. After that, all the valuable things such as PayPal login credentials, address, debit / credit card numbers, etc. were taken away.
In the end, the intruder sends a message indicating that the account has been successfully recovered. Although the fact is that all of your data is with the attacker.
Website Counterfeit / Spoofing
Website spoofing is the act of constructing a website with the intention of carrying out deception as a hoax. Phishers use the titles, icons, graphics and even coding of the official website to make spoof pages appear real. The URL that appears in the address field at the top of your browser window and the Padlock icon at the bottom right-hand corner may also be bogus.
Fraudsters send e-mails with a connexion to a spoofed fake website demanding that you only update or validate and upload account-related details in the email. These emails also guide you to websites and pop-up windows that are fake and aim to capture your personal data.
This is done in order to access confidential account-related data, such as your user ID, password, bank information, etc.
One way to recognise a bogus website is to remember how you got there. If you type the URL into a new Web browser window, or cut and paste it, and it doesn’t take you to a real Web site, or you get an error message, it’s actually just a bogus Web site cover.
Best way to protect yourself from threats from phishing and spoofing
The most critical points to help define a legitimate website are below:
Check for the icon Padlock:
There is a standard element in the appearance of a Padlock icon in the browser bar across web browsers. This means the domain you are accessing, validated by the SSL Certificate Authority, is safe & stable. In short, with an SSL License, the website should be protected.
After the padlock has been tested, verify the type of SSL certificate used. Typically, on their website, the reputed website has an EV SSL Certificate.
But if it’s a phishing website, a free SSL certificate will only be used to trick the user. A phishing scam that used a Free SSL credential was recently blogged by Terence Eden, a UK-based technologist.
Check the URL of the webpage:
The URLs (online page addresses) begin with the letters ‘http’ while surfing the web. Nevertheless, the address shown over a safe network should start with “https”-note the” s “at the top.
You have to pay more attention to the shorter connexions. The attacker also uses shorter connexions provided by Bitly. These shortened connexions are used mostly for phishing operations on social media.
Email: Risks and immediate deadlines
Beware of emails from the intruder pretending to be a reputable organisation asking you to do something immediately or making any threats.
Recommended to read the email twice to watch out for spelling mistakes to punctuation. There are still some syntax mistakes in your phishing messages.
As a reputed business at times, something is desperately needed. EBay, for instance, demanded that the password be updated quickly following the 2014 data breach.
Cybersecurity is increasing exponentially as we realise, but at the same time, the attacker uses smart tac-ticks to deceive users (except for their English). They portray them as a respectable business and not just the login credentials, but also specifics of the wallet, address and much more.
So, finding such spam and protecting yourself from it is very difficult. What’s the hack to this issue, then? Users ought to be wary of spoofing and phishing. What we need to do is practise our observational abilities and be careful about cybersecurity.