Security researchers have uncovered a new phishing campaign that aims to steal as much personal data as possible.
The campaign starts with a phishing email informing the victim that their PayPal account has been locked due to their account being logged into from an unrecognised browser or device.
In order to verify their identity, victims are urged to click on the button “Secure and update my account now!” Upon clicking the button, victims are redirected to a phishing page which looks like the genuine PayPal login screen.
After logging in, the victim is shown a form asking for a vast amount of personal data, including their full name, phone number, and full credit card details, including the CSC security number.
In addition, the victim is asked to upload their ID, Social Security number (SSN) or passport, in order to authenticate their identity. There is no confirmation after any uploads, thus victims may end up uploading more documents thinking that their previous attempts were invalid.
Whilst the initial email sender displays the name “Support,” when looking at the email address, it is clear that it is not legitimate.
Jan Kopriva, with the Computer Security Incident Response team at ALEF NULA, stated that despite reporting the phishing to PayPal, the malicious domains are still up and running.
“Over the years, phishing authors seem to have learned that once they hook a phish, they should try to get all the information they can from them. This is the reason why many current campaigns don’t stop after getting the usual credit card information, but go further,” said Kopriva.