Hackers Use PayPal To Go Phishing

A new ransomware campaign has been discovered in which the malicious actors have expanded payment options beyond Bitcoin, offering alternatives (such as PayPal) that include a phishing link, according to MalwareHunterTeam.

Attackers are stealing a page from Daedalus and killing two birds with one stone by including a link to make a payment. To obtain the decryption key, victims can follow the link to the PayPal phishing page, where their login credentials are stolen. The combination of two threat vectors makes this attack particularly dangerous for unsuspecting victims.

The new attack method combines “ransom notes that direct victims to a PayPal phishing page... Clicking on the Buy Now button, it directs to the credit card part of the phish already (so the login part is skipped). After filling & clicking Agree comes the personal info part & then finished,” the team tweeted. Once that payment is processed, the victim receives a confirmation.

For victims who pay with Bitcoin, the threat actors also requested that victims send an email with a reference number, which is provided in the ransom note.

“Malicious actors are continually becoming more sophisticated. With this particular campaign involving phishing as an immediate follow-up threat vector to the ransomware, this attack has the potential to cause significant harm,” said DomainTools’ senior security adviser, Corin Imai.

“Not only will victims be dealing with the impact of ransomware, but many will also be directed to a carefully crafted phishing site that will attempt to steal their credentials. 

“As seen in past attacks, ransomware campaigns have targeted individuals with the threat of releasing compromising content or rendering their computers useless, leaving victims feeling that they have no choice but to pay up. 

“The best advice in this scenario is to be hyper-vigilant, double-check URLs, and when in doubt, don’t click.”

Infosecurity:
