Are There Gremlins in That PayPal Email?

Are There Gremlins in That PayPal Email?

The post comes from Fahmida Y. Rashid at partner site

Faked PayPal email notifications directing recipients to malicious websites aren’t new. But cybercriminals are getting a lot better at executing them.

That’s shown by the discovery of a current phishing campaign designed to lure victims to click to a pair of very well-designed but faked PayPal websites.

The finding comes from researchers at OpenDNS, a free, ad-sponsored service for making faster, more secure website connections.

The fraudulent PayPal websites are virtually indistinguishable from the real, down to the images used on the login screen, the color palette, and the HTML code used in the page’s layout, the researchers found.

The faked sites were registered through a popular web hosting service and designed using the service’s extensive site-building tools, resulting in a professional and realistic-looking site. “An untrained observer might not notice and actually follow through with entering credentials,” OpenDNS researchers wrote.

More believable domain names

Even the domain names were selected to confuse victims. The phishers used site names such as “” and “” One forged domain, “,” was a “perfect clone of the legitimate site,” the researchers said.

Phishing refers to how attackers lure victims into handing over sensitive information such as user names, passwords and financial information. For the most part, phishing attacks begin with an email that appears to be from a legitimate source, whether it’s a person or a business, asking for specific pieces of information. This latest phishing campaign began with fake emails masquerading as official communications from the recipient falls for the trick and clicks on a link in the email, the victim is directed to a website — which looks legitimate — to enter the information. The Anti-Phishing Working Group, a global consortium of companies and agencies, counted 128,378 phishing sites in the second quarter of 2014. This is the second-highest number of phishing sites detected in a quarter, topped only by the 164,032 phishing sites active in the first quarter of 2012.

While the majority of phishing attacks are not personalized and are sent to as many potential victims as possible, targeted phishing — also known as spear-phishing — also occurs. In those cases, the attacker uses information about the recipient to create an even more convincing lure.

A well-crafted targeted phishing attack can defeat even the best security controls if an attacker is able to collect highly privileged login credentials.

There are some indicators to look out for to avoid being phished, but they require careful scrutiny and a high level of alertness. The original phishing email may have some clues — it outright asks for the user password. Users can verify that the site is using HTTPS and a legitimate SSL Certificate. All the spoofed sites OpenDNS observed happen to use HTTP, which is not a likely situation for any site that engages in financial transactions.

“If the wording is off or it’s blatantly asking for you to enter your password somewhere, it could be phishing,” OpenDNS said.

These attacks are not new, but they are beginning to look more legitimate with every iteration. Website builders and hosts such as make it simple to create a professional-looking website quickly. While that is great for users interested in setting up their own sites, it is also tremendously beneficial for attackers who need to conjure up sites quickly and frequently.

“The difficulty of identifying the validity of these websites visually will soon be untenable,” OpenDNS said.

More from

Read Next

It’s Worth Paying More for These 7 Things
It’s Worth Paying More for These 7 Things

Sometimes, the difference in quality makes it worthwhile to open your wallet a little wider.

7 Reasons You Should Not Move for Retirement
7 Reasons You Should Not Move for Retirement

Sunny skies and warm breezes sound great. But in reality, you might be better off retiring closer to home. Here’s why.

Make 20 Times More on Your Savings
Make 20 Times More on Your Savings

This online bank offers a way to build savings at a rate far above the national average.

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started


Our Policy: We welcome relevant and respectful comments in order to foster healthy and informative discussions. All other comments may be removed. Comments with links are automatically held for moderation.

Trending Stories