A New Text Message Scam Targets PayPal Users in the UK

PayPal Text Message Scam

Last week, we explained what smishing is and how it works. Today, we're going to see the attack in action, analyze it, and learn what we can do to avoid falling victim to it.

Casting the net

Reported by Tech.co, it would appear that the attack is targeting PayPal account owners in the UK. It's safe to say, however, that more or less the same scam could be aimed at users of any service in any corner of the globe. As you might imagine, it all starts with a text message that comes with a link.

At this point, we should probably point out that some people are all but immune to this attack. They still use feature phones that aren't connected to the Internet, and because of this, they can't follow the link in the SMS. For better or worse, however, very few people continue to use the mobile phones that have small screens and bring the "joy" of having to press the same button four times just so that you can type an "s."

Not only people with passionate hatred for modern technology can escape the trap. The more observant will also notice that the link in the SMS leads to pay-pail[.]com which isn't really the same as https://paypal.com – the URL you should be using when you're trying to log in to your PayPal account. Once again, however, few people are likely to spot the discrepancy and avoid falling victim.

This is what the message says:

"You sent a payment for 30.16 GBP to Lucy Parker. If you didn't authenticate this transaction check here"

Who is Lucy Parker and why is she getting a little over 30 of my hard-earned British pounds? This is the first thought that will likely cross your mind, and the threat of Ms. Parker receiving even more of your money will make you tap the link without thinking too much about the URL or, indeed, the awkward wording.

On the whole, it's far from the most sophisticated scheme we've ever seen, and sitting at home, you might be thinking that not a whole lot of users will fall for it. The fact of the matter is, however, that these types of attacks wouldn't exist if there weren't enough people taking the bait.

Collecting the information

Those that do fall for the scam are led to a login page that looks pretty much identical to the real thing. Put the two login forms side-by-side, and you'll probably see that the fake one has a few extra links, but you're unlikely to spot those if you're looking at your phone.

When you load paypal.com on a desktop computer, you'll notice that, along with the green padlock, you'll see "PayPal, Inc." in the address bar. This is because PayPal has bought an Extended Validation (or EV) certificate for its domain. Obviously, pay-pail[.]com can't have such a certificate as it's issued after extensive checks. This doesn't matter that much, though, because most mobile browsers don't display the owner of the EV certified domain anyway. Furthermore, pay-pail[.]com does have an SSL certificate meaning that the green padlock is present, and for most users, this is more than enough to convince them that everything is okay.

Tech.co followed the scam link and entered false credentials into the login form to see what would happen. As it turns out, the crooks want to steal quite a lot of information. After receiving the email address and password, the fake website asks you to verify your identity. To do so, you must provide:

  • Your name
  • Your home address
  • Your mother's maiden name
  • Your credit card number and expiry date
  • Your Verified by Visa password

You can see how badly wrong things could turn out if you let your guard down because you're thinking that you're in the process of losing 30 GBP. This, curiously enough, is what people fail to understand sometimes.

Fraudulent transactions are reversible in most cases. If you give away your personal data to the crooks, however, a refund is not possible. That's why, make sure you take every link you see in your inbox with a pinch of salt, and if you have even a modicum of doubt, don't open anything and ask the appropriate people (from PayPal, your bank, or the concerned service provider) to review the message.

By Duran
July 25, 2018
News
English
July 25, 2018
News

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

A Data Breach Affecting 21 Million Users Hits Timehop App

Timehop is an application that reminds you how embarrassing your old tweets and Facebook statuses are. It's now time for Timehop's creators to feel embarrassed because thanks to their sloppy security practices, they... Read more

July 11, 2018
News

MyHeritage HACKED! 92 Million Users Have Identity Stolen in the Data Breach

Have you heard of MyHeritage? It's an online genealogy platform, which can help curious users their family history. Sounds fun, right? You could be related to some ancient king, you never know. What's the harm in... Read more

July 10, 2018
Tips

What Is a Scam vs. What Is a Hack?

A young man in a hoodie, typing furiously on a laptop. If you believe the media coverage, this man is a hacker, and he's responsible for all the incidents that involve personal data falling into the wrong hands. But... Read more

May 8, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.