A New Phishing Campaign Targets PayPal Users via SMS

Phishing attacks show no signs of slowing down in the new year. A new campaign has been making the rounds, this time targeting PayPal users. The scammers are sending fake SMS messages in their attempt to phish out credentials.

The phishing attack uses plain old SMS messages to inform victims that their PayPal account has been "permanently limited". The scary but also very fake message is accompanied by a link to a very obviously fake PayPal verification form. Of course, the form is operated by the bad actors behind the scam and its only purpose is to hoover up the credentials of anyone gullible enough to actually use it.

The premise of the phishing campaign is well thought-out. PayPal does indeed sometimes put limitations on certain user accounts but even the official PayPal help database says that this is primarily done with accounts that have been illegally accessed by third parties.

The fake PayPal login form does not even stop at scraping and stealing victim credentials. The unfortunate PayPal user is then dropped into additional fake forms and pages, where they are expected to fill in more sensitive personally identifiable information, including their real name, date of birth and, astonishingly, even bank details.

Thankfully for many, this particular scam is so ham-fisted that it's relatively easy to dodge for anyone with a bit of common sense and a keen eye for detail. Even if we assume that PayPal has for some reason imposed some sort of limitation on our personal account and decide to see what this is about, the link is a dead giveaway that something is very wrong.

The domain has nothing to do with PayPal's official website or its subpages and is simply a jumble of badly spelled words. Even if we tap the link and simply check the URL of the page we land on afterwards, we'd still discover that the form we are entering our credentials in is actually located on pyplvryz dot com - a domain that has as much to do with PayPal as that of an online tackle and bait shop.
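The domain check described above can be automated on the receiving side. The following is an added example, not part of the original article: it extracts links from a message and flags any whose host is not paypal.com or a subdomain of it, including lookalikes that merely contain the brand name. The allowlist, function names and sample message (which uses reserved .example hosts) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the only domain treated as official.
OFFICIAL_DOMAINS = {"paypal.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def host_of(url):
    """Return the lowercased hostname, ignoring userinfo, port and trailing dot."""
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # malformed authority, e.g. unbalanced IPv6 brackets
        return ""
    return host.rstrip(".").lower()


def is_official(url):
    """True only if the host is an official domain or a subdomain of one."""
    host = host_of(url)
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def suspicious_links(message):
    """Return every link in the message whose host is not official."""
    urls = [u.rstrip(".,;:!?)") for u in URL_RE.findall(message)]
    return [u for u in urls if not is_official(u)]


# Constructed sample message; hosts use the reserved .example TLD.
SAMPLE_SMS = (
    "PayPal: Your account has been permanently limited. "
    "Verify now: https://pyplvryz.example/verify or "
    "https://paypal.com.secure-check.example/login"
)

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE_SMS):
        print("not a PayPal host:", host_of(link), "<-", link)
```

Comparing the parsed hostname, rather than searching the URL text for "paypal", is what catches the cases where the brand name appears before an `@` or as a leading label of an unrelated domain.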

This sort of thing is the reason we keep reminding our readers that common sense and a good eye for detail are often worth more than the most sophisticated security suite. A huge number of frauds, phishing attempts and other assorted security-related headaches can be easily avoided if you pay attention to simple details such as the URLs of pages you land on or the poor spelling in many scam texts, whether they come in e-mails or text messages.

January 7, 2021