Fake eBay invoice snares PayPal users
Once again, fake eBay invoices are being used as bait for PayPal phishing emails. We saw this technique used in January this year. It resurfaced this week. Tweaks have been made to the email used. The amount is different and some changes have been made to the wording of the email. We present it again because of the changes. We also present it to bring it to the awareness of our readers.
The invoice is a fake, and the email is bogus. Do not click on the link if you receive this email. Delete it. Be wary of emails claiming to be from PayPal. PayPal users are a favorite target for cyber criminals.
Figure A shows the email. The sender of the email is “PayPal”. The email address is spoofed. It looks like it comes from the PayPal email domain. The subject of the email is “Receipt for your Payment to AU-AdCommerce-EOM”. A realistic PayPal log is used. The footer of the email has a standard copyright notice. An Australian Business Number (ABN) is quoted.
A PayPal email identifier rounds off the email. The greeting used is “Hello”. There is a single link. There are several keywords in the email that look like link, but are plain text. There keywords are “Help” and “My Settings”.
The email informs the recipient of a payment to an account. The payment amount is listed as AUD $53.19. A heading under the invoice reads “Issues with this transaction?” This is a ruse. The next sentence reads “to cancel this payment click here”. The phrase “click here” is anchor text for a link to a malicious site. The malicious site steals user login credentials.
The main signs that this email is a fake are the greeting and the link. The greeting is not personalized. PayPal personalize their greetings. The second sign is the link. It does not lead back to PayPal. Delete this email if you receive it.
Scott Reeves
MailShark
Free anti-spam service
Free email filter service