Spammers switch tactics by asking recipients to call toll-free numbers in PayPal phishing campaign

Alina BÎZGĂ

September 14, 2022

PayPal scams come in all shapes and sizes, from email-based social engineering schemes to bogus posts and websites that try to trick customers into providing personal data, money and login information.

According to Bitdefender Antispam Lab, PayPal phishing emails are common, with antispam filtering technology flagging bogus correspondence impersonating the online payment system every month.

While most fraudulent correspondence is based on recycled email templates or texts, cyber crooks sometimes go off course to maximize profits and sneak past email filtering software or users’ phishing awareness and knowledge.

On Monday, Bitdefender Labs detected a new phishing campaign targeting PayPal users worldwide. The scam notification email is sent through PayPal's official system (service@paypal.com), allowing threat actors to generate and edit various invoices to trick unsuspecting users. By sending an official-looking invoice via compromised or free PayPal business accounts, scammers have endless opportunities to defraud consumers.

In one sample, the attackers tell recipients they have been charged $637 for security software from a well-known provider that is about to be delivered to a different email recipient.

The embedded link takes users to a PayPal webpage containing the invoice details and warns of suspicious activity on their account.

“There is evidence that your PayPal account has been accessed unlawfully,” the message reads. “Above amount has been debited to your account for the [redacted] Software Purchase.”

In this scam, the cybercrooks were crafty enough to avoid standard phishing tactics such as links or malicious attachments. Instead, in most samples, they ask email users to call a fake toll-free phone number.

Other variations include purchases of Walmart gift cards worth $620 and of digital currencies including Tether and Cardano.

Fraudulent phone numbers found in the correspondence include:

  • +1 (888) 870-2819
  • +1 (888) 870-3695
  • +1 (888) 870-4318
  • +1 (888) 870-4319
  • +1 (888) 870-5014
  • +1 (888) 870-5293
  • +1 (479) 343-9751
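Because these invoices arrive from the genuine service@paypal.com address, sender checks pass and a filter has to look at the content instead. The sketch below is an added example, not part of the original article or of any Bitdefender product: it flags PayPal mail that pairs alarm wording with a callback number. The lure phrase list, function name and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# North American numbers such as "+1 (888) 555-0100" or "888-555-0100".
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]*)?\(?(\d{3})\)?[\s.-]*(\d{3})[\s.-]*(\d{4})(?!\d)")
TOLL_FREE = {"800", "833", "844", "855", "866", "877", "888"}
# Lure wording modelled on the sample quoted in the article (assumed list).
LURES = ("accessed unlawfully", "has been debited", "suspicious activity",
         "toll-free", "toll free", "call us", "call our")

def analyze(raw: str) -> dict:
    """Flag invoice mail that pairs alarm wording with a callback number."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    phones = sorted({"+1" + "".join(m.groups()) for m in PHONE_RE.finditer(text)})
    lures = [p for p in LURES if p in text]
    # The sender is genuine here, so it only scopes the rule; it is not evidence.
    via_paypal = sender.endswith("@paypal.com")
    suspect = via_paypal and bool(phones) and bool(lures)
    return {
        "via_paypal": via_paypal,
        "phones": phones,
        "toll_free": [p for p in phones if p[2:5] in TOLL_FREE],
        "lures": lures,
        "verdict": "callback-phish suspect" if suspect else "no callback pattern",
    }

# Constructed samples; 555-01xx numbers are reserved for fiction.
LURE_MAIL = """From: "PayPal" <service@paypal.com>
Subject: Invoice from Example Seller

There is evidence that your PayPal account has been accessed unlawfully.
$637 has been debited to your account. To dispute, call our toll-free
helpdesk at +1 (888) 555-0100.
"""
PLAIN_INVOICE = """From: "PayPal" <service@paypal.com>
Subject: Invoice from Example Seller

Example Seller sent you an invoice for $25.00 USD. Due on receipt.
"""

if __name__ == "__main__":
    for name, raw in (("lure", LURE_MAIL), ("plain", PLAIN_INVOICE)):
        print(name, analyze(raw))
```

A hit is a reason to quarantine or banner the message for review, not proof of fraud, since a legitimate seller may also put a phone number in an invoice note.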

How to protect your data and money

Cybercrooks will do anything in their power to convince you that the correspondence you are reading is legitimate. To guard against a phishing attack, use your common sense and:

  • Head to your PayPal account to check for any new purchases and review your invoices or statements for suspicious activity before calling any numbers listed in the contact section of the message, even if they are toll-free numbers.

The scammers behind this attack have deliberately mentioned that the “transaction will appear in the automatically deducted amount on PayPal activity after 24 hours” to throw you off their trail.

  • Never provide sensitive data, including credit card details, personally identifiable information or login credentials, via phone or other contact methods, and never download remote access software to "fix" the issue.
  • Notify the company of any misuse and suspicious activity via spoof@paypal.com or contact PayPal customer service via the official webpage.

Ever wonder how spammers got your email address or phone number? Use Bitdefender Digital Identity Protection to find out if your personal information has been leaked online or has been part of a data breach to protect against identity theft, account takeover attacks and other privacy risks.

Bitdefender Digital Identity Protection continuously monitors your personal information, alerting you in real time in case of data breaches and leaks. This lets you immediately change your passwords and secure your accounts to prevent financial loss or even social media impersonation, which can ruin your reputation.

Managing your digital footprint has never been easier. With our dedicated privacy tool, you can:

  • Discover the extent of your digital footprint
  • Find out if your personal information has been exposed in legal and illegal collections of data
  • Benefit from 24/7 data breach monitoring for up to five email addresses
  • Get instant alerts to new breaches and privacy threats
  • Detect social media impersonators
