OFFICIAL SECURITY BLOG
March 27, 2014 | BY Christopher Boyd
A fake PayPal email, addressed “Dear PayPal”, with an attachment to fill in? What could possibly go wrong?
The email reads as follows:
Dear PayPal user,
We recently received a report of unauthorized credit card payment attempt associated with this account. To protect you against any further unauthorised payment attempts, we’ve limited access to your PayPal account.
Please take a minute to review the details below and what steps you need to take to remove the limits.
Details of disputed transaction
Case ID Number: PP-001-546-712-049
What to do next
Please download the form attached to this email and open it in a web browser.
Once opened, you will be provided with steps to restore your account access.
We appreciate your understanding as we work to ensure your account safety.
Please get back to us as soon as possible.
There are no other details for this transaction at this time.
Just like the spam from mid-February, this one comes with a zipped attachment:
Case ID Number PP-001-546-712-049
with a .html file inside called…well, you can probably guess what it’s called:
Case ID Number PP-001-546-712-049.html
The form asks for:
Email address, full name, PayPal password, DOB, billing address / town, county, postcode, home phone, credit / debit card number, expiry date, security code and sort code.
Of course, you shouldn’t fill this in or hit the “Send” button – just delete the attachment and send the mail to the spam folder.
No doubt these scammers will be back with a fresh ploy in the near future but for now, this one will hopefully have a low success rate.