March 22, 2023

A phishing scam that involves hackers using PayPal accounts to send malicious invoices to potential victims discovered by the researchers from security firm Avanan

The scam involves hackers sending malicious invoices from PayPal’s domain, using a free PayPal account they have signed up for. The body of the emails sent spoof brands such as Norton to trick victims into thinking they were legitimate.

Resembling a similar scam that used fake invoices sent from Quickbooks detailed earlier this month, the PayPal invoices include messages such as “thank you for purchasing Norton Security Premium plan, if you have not authorized this transaction, please call us with your credit card details.”

Advertisements

Called a double spear attack, the scam makes the users call the number and, when it’s called, the hackers try to make the users pay the invoice, obtaining their credit card details in the process.

The researchers warn that anyone receiving an invoice should Google the number and check accounts to see if there were any charges. In a corporate setting, anyone receiving an invoice is urged to ask the information technology department about of the legitimacy of an email.

Tags:

Leave a Reply

You may have missed

Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
Killnet Targets Healthcare Azure Resources

Killnet Targets Healthcare Azure Resources

March 21, 2023
NBA suffers a Data Breach – Third Party Provider Data Stolen

NBA suffers a Data Breach – Third Party Provider Data Stolen

March 21, 2023
Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
%d bloggers like this: