15/68 Monday, January 13, 2025
Fortinet, a leading cybersecurity company, has issued a warning about a new phishing campaign that deceives PayPal users by using highly convincing links that appear legitimate to gain unauthorized access to user accounts. The phishing emails are meticulously crafted to mimic genuine PayPal notifications, including details such as payment information, security warnings, sender addresses, and seemingly correct URLs.
When recipients click on the embedded links, they are directed to a PayPal login page that appears authentic but is configured to display a fraudulent payment request. If users unknowingly log in, their PayPal accounts may become linked to the attackers’ accounts without their knowledge.
According to reports, the attackers utilize free trial Microsoft 365 domains valid for three months to create deceptive email addresses and recipient accounts. An example of such an email address is Billingdepartments1[@]gkjyryfjy876.onmicrosoft.com, used to send payment requests to victims via the PayPal system. This tactic effectively bypasses PayPal’s security checks since the email addresses and URLs appear legitimate.
Victims of this campaign may find that their accounts have already been compromised and controlled by attackers. Fortinet experts urge users to remain vigilant when receiving unsolicited emails, even if they seem genuine. Users are advised to verify the authenticity of payment requests before taking any action.
This incident highlights the increasing complexity of modern phishing campaigns, which have evolved beyond traditional methods. It underscores the critical importance of fostering cybersecurity awareness to protect sensitive data and assets from ever-escalating threats.
Source https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html
