PayPal Phishing Scam Spotted In The Wild
A new Phishing attack has bombed email addresses of many PayPal. The email begins with a sense of urgency that compels the user to check and check again whether the email sent is actually a scam or not according to the naked security. It asks the user to follow the instructions exactly as written.
It begins:
"As of the 3rd of November 2011, our security system has blocked unusual charges to a credit card linked to your account."
And concludes:
Through this Mal/Phish-A" the user can easily be tricked into giving up their personal information. According to a survey, 25 out of 500 people responded to a Phishing scam sent through email by filling the forms sent and surrendering their information."Sincerely, PayPal Account Review Team"
This phish takes advantage of PayPal's trusted name and explains that the breached account has been locked for your protection. It further describes that in order to access your account and your funds you need to download the provided attachment and fill out a form.
After the download is complete, the attachment opens into your web browser and it looks very real for a scamming site.
There are a few things you should consider to realize that this mail is actually meant to scam you.
1. There isn't a PayPal email address associated with the inbox which receives the phish.
2. It isn't really not from PayPal.
3. The culprit used a domain name pp-redacted-.com which doesn't have anything to do with PayPal.
Considering that this directly plays with the emotional side of your personality by convincing you that your funds are under attack, it clouds the judgement of many a people. However, we advise all our readers to keep a lookout for such phishing attacks.
Better safe than sorry! :)