Warning: A New and Danger PayPal Phishing Scam Email

 

I just received PayPal email and it said “Please Update Your Account”,  its not from PayPal its fake but the problem its duplicated  Frighteningly as PayPal site even when you open the link that included you will not doubt its fake, so see the video to know what I’m talking about.

 

Read more

Paypal SCAM (phishing-attack) In Action (Video)

For more information about Paypal SCAM (phishing-attack) ( Click Here )

NEW “PAYPAL SCAM” Phishing Attacks

I received today a scam email about security problem with paypal account, the email contain links that redirect to fake page of paypal that when you put your paypal account it will be stolen.

Now I’ll show you pictures of the email and tha fake page .

 

• I translate the email with google translation :

• When I click on the link it will open the fake page look like this one :

• But the original page of paypal looks like this :

When I’m checking the fake site I got the script and I opened a file tha have the script that send the information for the scammers :

 

 

To protect your self from these kind of attack you should follow these steps :

 

1. Check the email address that you received from because some time they can use a correct email with any anonymous services.
2. See if the email sent directly to you for example the message that I received its says chers members paypal but not my name .
3. Check the contain links in the email and check the domain (URL) if its correct or not because they can use a domain looks like the original one like (original : www.paypal.com) (Fake: www.paypal.XXX.com or www.xxxx.com/paypal)
4. Last thing before you enter your account check if the page is encrypted with SSL system, the URL will be like this (https://www.xxxx.com) and you will see a locker appeared, see these pictures below to know how :

• for firefox
• for IE

To see PAYPAL SCAM (Phishing Attack) in action (Click here)

For any question please comment or contact us.

PayPal Fraud with CAPTCHA

It’s about time this technique comes in.. Content Security’s forecast that phishing with captcha would be an emerging fraudulent techniques.

 

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) used to protect web sites against abusive automated softwares that can register, spam, login, or even splog. However, now a days that isn’t the case anymore.

 

Just like the traditional PayPal phish, the web page http://{BLOCKED}www.security-paypal.citymax.com/paypal_security.htmlasks the user to provide feedback from their Shopping by asking for their Name, E-mail Address and PayPal password as seen in Figure 1.

 

Figure 1: Screenshot of bogus PayPal phishing Feedback page

After which, a CAPTCHA image is shown and requires the user to enter the code indicated for spam prevention. However, after entering the user’s personal information, this could be used to create bogus mail accounts, among other things.

 

The phishing URL is already blocked by Trend Micro’s Smart Protection Network.

Source : trendmicro