Hackers Use PayPal To Go Phishing

A new strain of yet another ransomware campaign has been discovered in which the malicious actors have expanded payment options beyond Bitcoin; they are instead offering alternatives (such as PayPal) that include a phishing link, according to MalwareHunterTeam.

Attackers are stealing a page from Daedalus and are killing two birds with one stone by including a link to make a payment. To obtain the decryption key, victims can follow the link to the PayPal phishing page, where their login credentials are stolen. The combination of two threat vectors makes this attack particularly dangerous for unsuspecting victims.

The new attack method combines “a ransom notes that direct victims to a PayPal phishing page...Clicking on the Buy Now button, it directs to the credit card part of the phish already (so the login part is skipped). After filling & clicking Agree comes the personal info part & then finished,” the team tweeted. Once that payment is processed, the victim receives a confirmation.

For victims who pay with Bitcoin, the threat actors also requested that victims send an email with a reference number, which is provided in the ransom.

“Malicious actors are continually becoming more sophisticated. With this particular campaign involving phishing as an immediate follow-up threat vector to the ransomware, this attack has the potential to cause significant harm,” said DomainTools’ senior security adviser, Corin Imai.

“Not only will victims be dealing with the impact of ransomware, but many will also be directed to a carefully crafted phishing site that will attempt to steal their credentials. 

“As seen in past attacks, ransomware campaigns have targeted individuals with the threat of releasing compromising content or rendering their computers useless, leaving victims feeling that they have no choice but to pay up. 

“The best advice in this scenario is to be hyper-vigilant, double-check URLs, and when in doubt, don’t click.”

Infosecurity:

You Might Also Read:

Cybercrime Gangs Continue To Innovate:

« Cyber Criminals Are Aiming At Business
Geo-Political Tensions Are Fuelling Cyber Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

CyberWarrior

CyberWarrior

CyberWarrior deliver training and consulting for some of the world’s top brands and also partner with national systems integrators to augment their teams with our expertise.

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

Method Cyber Security

Method Cyber Security

Method offers a Cyber Security Risk Management training course for those responsible for the security of industrial automation, control and safety systems.

Crypto Quantique

Crypto Quantique

Crypto Quantique's ground-breaking technology radically simplifies the process of generating a hardware root of trust in an IoT device.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Diaplous Group

Diaplous Group

Diaplous Group is a leading Maritime Risk Management (MRM) provider, delivering specialized services to an ever-broadening portfolio of shipping, oil & gas, energy and construction industries.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

Wisetek

Wisetek

Wisetek is a global provider of end-to-end IT Asset Disposition (ITAD), reuse and secure data destruction management services to the world’s leading IT Corporations, data centres and manufacturers.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

BlueAlly

BlueAlly

BlueAlly helps clients scale, optimize, and manage their IT resources to reach their business goals.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

dWallet Labs

dWallet Labs

dWallet Labs is a cybersecurity company specializing in blockchain technology. We believe that the future of Web3 relies on cutting edge cryptography and unabated security.

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.

Cyro Cyber

Cyro Cyber

Cyro Cyber is a collective of some of the UK’s most experienced and savvy cybersecurity, information assurance, data protection, IT governance and compliance experts.