A newly discovered PayPal phishing scam attempts to steal much more than just a user’s login credentials for the online payments service.
Slovakian security firm ESET observed that the scam began by targeting users with an attack email warning them of unusual activity involving their account. The email urged recipients to click on an embedded link so as to secure their account and protect their financial information.
In instances of compliance, the scam redirected users to one of several websites that used PayPal-themed branding to reiterate the farce of unusual account activity. To its credit, these websites used clever names and valid SSL certificates to add a sense of legitimacy. Yet they nevertheless gave themselves away as fake by their use of non-PayPal domains, substandard English and CAPTCHAs.