A new wave of attacks spotted by Bitdefender Labs uses hotlines to try to steal your personal information.
According to data collected by Bitdefender Labs, PayPal is part of hackers’ favorite arsenal. Indeed, many Phishing campaigns use the image of the company to try to extort your personal information.
Hardly a month goes by without new attempts involving PayPal’s name taking place. Scams can take quite a variety of forms (email, post on social networks, fake site, etc.) but they all aim to send you to a form that will ask you for your login details. Sometimes the message includes a link or an attachment which, when clicked, will trigger the download of malware.
A phishing email tricks you into calling support
But in early September Bitdefender Labs detected a new phishing campaign targeting PayPal users worldwide. The deception is effective because it sends a notification email using PayPal’s official system (firstname.lastname@example.org) via compromised or free PayPal business accounts.
In one of the emails circulating, the recipient is informed that his account has been debited with 637 dollars. A button allows him to see the details of his bill and confirms the purchase of well-known security software, the debit should occur within 24 hours.
A telephone number is made available to him in case he suspects that this transaction does not come from him.
There are several variants and some messages indicate, for example, that “Your PayPal account has been suspended due to suspicious activity. Please contact us immediately at 1-408-123-4567. We need to talk to you as soon as possible.”
Whatever the type of message, the mechanism is always the same and the goal is to encourage the Internet user to call so that he can get in touch with what he thinks is customer service. He is then asked to confirm that he is a PayPal customer and then to provide information relating to his account.
Organize the monitoring of personal data on the network
Distrust is a good way to deal with all these scams, and never providing your identifiers to anyone is the first precaution to take. In the case of PayPal, you can go to the help page made available by the service and inform them via email@example.com of the scam you think you have identified.
But if you receive this kind of email, it also means that a small audit of the confidentiality status of your personal data is necessary. Indeed, if spammers have used your address, your data is in the wrong hands. To fix this, you can use Bitdefender Digital Identity Protection. This tool scans the web, including the Dark Web, for any traces of your personal data.
No need to download or install anything, once your account is created, the exploration is started and you will get a complete view of your digital footprint. Even services you haven’t used in years but still keep track of you will show up.
Bitdefender Digital Identity Protection does not just provide you with an inventory, it also helps you implement the necessary measures (change of password, double authentication, etc.) and guides you step by step.
Monitoring is carried out in real time from a centralized dashboard to allow you to regain control over your personal data and guarantee you precious peace of mind.
This article was written in partnership with Bitdefender.