Unfortunately, we’re back with another phishing scheme that’s making its way through your inboxes and phones.
We’ve covered phishing schemes extensively, but a new term is also emerging to describe fraud through your phone – smishing (a combination of SMS messages and phishing). While the term may seem a little lighthearted, it represents the very real threat of digital criminals making their way into your mobile apps.
Right now, hackers are attacking PayPal users with both smishing and email phishing techniques to get their hands on your valuable personal or business information. They’re able to do this by texting or emailing you that PayPal has limited or locked your account – that’s how it starts.
How Does This Scam Work?
At first glance, a message like this can trigger anxiety or panic. If a person isn’t aware of these online scams, they might immediately click on the link provided to fix it.
That’s their goal. You’re then led to a website that tricks you into putting your credentials in – not to unlock your account, but to add your information to their records.
According to MacPaw, the text often looks like this:
"Your Account PayPal Has Been Limited !
To get back into your PayPal account, you'll need to confirm your identity.
Click on the link below or copy and paste the link into your browser.
Confirm that you're the owner of the account, and then follow the instructions."
BleepingComputer details that when you click this fraudulent link, it takes you to a page that looks like the PayPal login. In the early days of phishing schemes, it was usually obvious from the design whether a page was legitimate. Now digital criminals have leveled up their scamming skills, and it can be much harder to tell a fake from the real thing.
With an email, you can double-check whether it’s legitimate by looking at the sender’s actual address, not just the display name. Does it come from PayPal.com? For example, the sender name could be “PayPal Services,” but the actual address could be firstname.lastname@example.org. With texts, there may be an unnecessary sense of urgency in the message, such as:
“We’ve permanently limited your account, please click the link below to verify.”
If you click this link, it will ask you to log in, and it may ask for additional information beyond your credentials (for example: name, date of birth, address, etc.). The hackers will then have enough of your personal information (or, even worse, business information) to access other accounts.
Why Did Hackers Choose PayPal?
Hackers chose to target PayPal for a couple of reasons:
- Close to 300 million people use PayPal, so it’s rife with potential targets.
- Many people use this platform for the majority of their personal and business transactions. This means there could be a decent amount of money in your account, ready to be transferred.
- Once inside your account, the hackers can transfer that money to themselves or other hackers on your “behalf.”
- PayPal users must have either a credit card or a bank account linked, and access to either (or even worse, both) is a recipe for disaster.
What Signs Should I Look For?
There are clear signs that help you identify when you are being scammed. Look at the message itself for these red flags:
- Several obvious spelling or grammar errors
- Suspicious-looking email addresses
- Inconsistent names, such as saying Account PayPal rather than PayPal Account
- Using greetings like “Customer” as opposed to your name
- Messages that have a sense of urgency
- Know the company’s policies. For example, PayPal says it will never ask you to send sensitive information by email.
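The sender-domain check described earlier and the red flags listed above can be turned into a simple triage script. The code below is an added example, not part of the original article: it inspects a message's sender and body for a display name that claims PayPal but comes from another domain, a generic greeting, urgency wording, sloppy punctuation (as in "Limited !"), the inverted "Account PayPal" phrasing, and, going one step beyond the article, links whose hostname is not paypal.com or a subdomain of it. The sample messages, the phone number, the lookalike link hosts and the local part of the legitimate address are constructed for the example; the first sample body is the text quoted from MacPaw above.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# The brand's real domain, which the article says to compare the sender against.
BRAND = "PayPal"
BRAND_DOMAIN = "paypal.com"

# Urgency wording typical of the messages quoted in the article.
URGENCY_PHRASES = (
    "permanently limited", "has been limited", "locked", "immediately",
    "verify", "confirm your identity", "within 24 hours",
)
GENERIC_GREETING = re.compile(r"^\s*(dear\s+)?(customer|user|member|client)\b", re.I)
URL_PATTERN = re.compile(r"https?://[^\s<>\"']+")
SPACE_BEFORE_PUNCT = re.compile(r"\s[!?,.]")


def domain_belongs_to(host, brand_domain=BRAND_DOMAIN):
    """True only for the brand domain itself or a real subdomain of it.
    Lookalikes such as 'paypal.com.example.net' or 'notpaypal.com' fail."""
    host = (host or "").lower().rstrip(".")
    return host == brand_domain or host.endswith("." + brand_domain)


def split_sender(sender):
    """Return (display_name, address). SMS senders carry no '@', so they
    are treated as a bare address with no display name."""
    if "@" in sender:
        return parseaddr(sender)
    return "", sender.strip()


def triage_message(sender, body, brand=BRAND, brand_domain=BRAND_DOMAIN):
    """Return a dict of red-flag code -> detail for a single message."""
    flags = {}
    display_name, address = split_sender(sender)
    address_domain = address.rsplit("@", 1)[-1] if "@" in address else ""

    # 1. Display name claims the brand, but the real address is somewhere else.
    claims_brand = brand.lower() in (display_name + " " + address).lower()
    if claims_brand and not domain_belongs_to(address_domain, brand_domain):
        flags["sender-domain"] = f"claims {brand} but sent from '{address_domain or address}'"

    # 2. Generic greeting ("Dear Customer") instead of your name.
    lines = body.strip().splitlines()
    first_line = lines[0] if lines else ""
    if GENERIC_GREETING.search(first_line):
        flags["generic-greeting"] = first_line.strip()

    # 3. Urgency language.
    lowered = body.lower()
    hits = [phrase for phrase in URGENCY_PHRASES if phrase in lowered]
    if hits:
        flags["urgency"] = ", ".join(hits)

    # 4. Crude grammar proxy: whitespace before punctuation, as in "Limited !".
    if SPACE_BEFORE_PUNCT.search(body):
        flags["sloppy-punctuation"] = "space before punctuation"

    # 5. Inverted brand phrasing such as "Account PayPal".
    if re.search(rf"\baccount\s+{re.escape(brand)}\b", body, re.I):
        flags["brand-phrasing"] = f"'account {brand}' instead of '{brand} account'"

    # 6. Links whose host is not the brand's domain or a subdomain of it.
    hosts = [urlparse(url).hostname for url in URL_PATTERN.findall(body)]
    bad_hosts = [host or "?" for host in hosts if not domain_belongs_to(host, brand_domain)]
    if bad_hosts:
        flags["link-domain"] = ", ".join(bad_hosts)

    return flags


def is_likely_phishing(sender, body):
    """Two or more independent red flags is treated as suspicious."""
    return len(triage_message(sender, body)) >= 2


# Constructed sample messages. The first body is the text quoted from MacPaw
# in the article; the phone number and all link hosts are made up.
SMISH_SENDER = "+1 555 0100"
SMISH_BODY = (
    "Your Account PayPal Has Been Limited !\n"
    "To get back into your PayPal account, you'll need to confirm your identity.\n"
    "Click on the link below or copy and paste the link into your browser.\n"
    "https://paypal.com.example.net/confirm\n"
    "Confirm that you're the owner of the account, and then follow the instructions."
)
PHISH_SENDER = "PayPal Services <firstname.lastname@example.org>"
PHISH_BODY = (
    "Dear Customer,\n\n"
    "We've permanently limited your account, please click the link below to verify.\n"
    "https://paypal-secure.example.net/login"
)
LEGIT_SENDER = "PayPal <notice@paypal.com>"  # local part is a placeholder
LEGIT_BODY = "Hello Jane Doe,\n\nYour monthly statement is available in your account at https://www.paypal.com/."

if __name__ == "__main__":
    for label, sender, body in (("smish", SMISH_SENDER, SMISH_BODY),
                                ("phish", PHISH_SENDER, PHISH_BODY),
                                ("legit", LEGIT_SENDER, LEGIT_BODY)):
        print(label, is_likely_phishing(sender, body), triage_message(sender, body))
```

The checks are deliberately independent, so a single hit (the word "verify" in a genuine notice, say) does not condemn a message on its own; the two-flag threshold in `is_likely_phishing` is a starting point to tune against your own mail. The domain comparison is the one check worth keeping strict: matching on `host.endswith(brand_domain)` instead of the dot-prefixed form would accept `notpaypal.com`.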
How Can We Avoid This?
To start, your business and personal devices should always run the necessary anti-virus and anti-malware software to keep them protected day to day. It’s also important that your employees install device updates as they are released and use strong, generated passwords.
Companies should also consider investing in a managed services provider to monitor any suspicious activity, ensure overall protection and assist with day-to-day IT tasks.
If someone in your company has fallen for this attack or a similar scheme, follow these steps:
- Let your IT and leadership teams know, so they can take necessary steps and warn other employees.
- Contact the company the digital criminals are imitating (here, PayPal).
- Change your passwords immediately. We recommend using strong passwords that are randomly generated and keeping them in a password manager.
- Scan your computer for any malware that may have infected it.
- Contact your bank to make sure the attackers haven’t accessed your accounts or credit cards.