BEST OF THE WEB

OpenDNS sounds warning on the most sophisticated PayPal scam yet

OpenDNS Security Labs found an elaborate phishing campaign targeting users of the popular online payments processor PayPal, involving several fake websites set up with the intent to steal information.

The hackers behind the phishing scam set up imitation websites on Jan. 22 and Jan. 25 designed to fool users into handing over their login credentials. Chances are you’ve seen at least one PayPal phishing attempt come across your inbox – or hopefully your spam filter – but as OpenDNS explains, the attacks are getting more sophisticated all the time.

Take a look at the fake site:

PayPal-Phishing-site

Compared to the real site:

PayPal-Real-site

The fake sites set up used domains that appear similar to PayPal.com. To list a few: x-paypal.com, securitycheck-paypal.com, paypalinspection.com, area-paypai.es, and more.

Beyond just imitating the design and name of PayPal’s website, hackers actually coped HTML code directly from the legitimate website in order to make a convincing presentation.

OpenDNS says it’s reported the fraud to PayPal, and PayPal’s fraud and abuse department is working to take down the fake sites. OpenDNS has also blocked access to those domains for those who use its service to resolve name servers on the web.

While the attempts made by these phishers are quite convincing, there’s still an iron-clad method to avoid falling prey to an email that might direct you to such a site. If you do get an email from PayPal about your account, instead of clicking on the embedded link in the email, open a new browser tab and type in paypal.com to know you’re going directly to the source.

Brian Jackson
Brian Jacksonhttp://www.itbusiness.ca
Editorial director of IT World Canada. Covering technology as it applies to business users. Multiple COPA award winner and now judge. Paddles a canoe as much as possible.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web