My Online Security has reported of a new phishing scheme, directed at PayPal users. The scam involves misleading users into filling in their login details. The data is recorded, allowing hackers to break into the victim’s account.
The phishing scheme is conducted through spam emails. A bogus notification asks the recipient to enter a certain page on the payment platform. The message provides the link. It leads to the actual PayPal website, but the hackers get access to the information you enter in the login fields.
Research has determined that this is achieved through a malicious Javascript. The process is executed with the help of an HTML attachment. The result is having all entries sent to a different website. This keylogging technique is seamless. Users are not redirected from the PayPal domain at any point.
This phishing attack could lead to draining entire debit and credit cards before their owner realizes. The user will not find out his account has been hacked before checking his balance. The attackers simply enter accounts on people’s behalf. The My Online Security team explains that taking the usual precautions may not be of help. Checking if a link is legitimate is usually done by hovering the mouse cursor over it. However, in this instance, “This no longer is safe advice when hidden JavaScript redirection is used.”
The best course of action is to check the attachment itself. .EXE attachments are often cited as the source for malware and phishing attacks.
