Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Phishing scam targets PayPal

Phishing scam targets PayPal

by Nikola Strahija on August 13th, 2005 Phishers have used old school tehniques ways with a scam that tries to get victims to fax their banking details to fraudsters.


Scam emails, which pose as messages from online payment outfit Paypal, urge users to fax back account information instead of the more usual tactic of handing over details to a bogus website.

Victims are told the information is needed to investigate an alleged security breach involving an attempt to reset their password. The scam email instructs victims to download a Microsoft Word document on a Polish website. Recipients then have to complete with their bank account details (including PIN information), credit card numbers and login details before faxing back to what ostensibly appears to be a freephone number in the US.

Sophos has confirmed that the telephone number mentioned in the emails is hosting an active fax machine. It's unclear whether the phone is actually located in the States or is being redirected elsewhere.

-In the last few days we have seen a number of attempts by phishers to use this technique, and it's possible that some people who know that they need to be careful about entering their confidential information on a bogus website may think that completing and faxing back such a form is somehow safer, said Graham Cluley, senior technology consultant for Sophos.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »