A newly discovered phishing campaign shows cybercriminals impersonating (opens in new tab) PayPal while trying to scare victims into providing confidential information.
Cybersecurity researchers at email security company Avanan recently discovered a new campaign that has so far been relatively successful due to the fact that it contains no links.
Typically, phishing works by redirecting people to malicious websites via links shared in an email. In this campaign, however, there are no links present in the emails, which renders most email security solutions useless.
Two possible scenarios
It starts in a similar way to all other campaigns – the victim will receive an email claiming to be from PayPal, saying that they have purchased $500 worth of Dogecoin and that if they want to cancel the order they must call the number provided further below.
While we don’t know what happens if a victim actually calls this number, there are two possibilities. Either attackers try to persuade victims to provide sensitive information (e.g. PayPal login details or credit card information) or they “cancel” the Dogecoin pending order and go on with the day.
In the latter scenario, what attackers take is the victim’s phone number, which they can use to mount a more serious attack.
“Just one successful attack can lead to dozens of others,” the researchers said.
The phone number listed in the email is located in Hawaii, the researchers found, but chances are it’s just a routing number, and the actual threat actors are located elsewhere.
Big companies like PayPal or Microsoft are often represented by threat actors trying to trick people. To stay safe, it’s important to always verify the sender’s email address, make sure the email doesn’t contain any suspicious typos or spelling errors, and don’t click on any links or download any attachments.
Attachments are probably viruses (opens in new tab)or other forms of malware (opens in new tab).
Most large companies have instant messaging customer support as well as social media accounts which can be used to verify if they actually sent the email or not.
Through: tone guide (opens in new tab)