SCAMMERS POSE AS PAYPAL SUPPORT ON TWITTER TO STEAL CUSTOMERS’ PASSWORDS
Cyber criminals are hijacking PayPal support threads on Twitter to steal customers’ details, according to security researchers.
Experts from Proofpoint found that scammers are setting up fake accounts and replying to customer queries in what they call angler phishing attacks.
Those behind the campaigns set up fake but realistic-looking PayPal accounts, reply to customers’ enquiries and send them to pages behind bit.ly links.
From there, victims are sent to realistic-looking PayPal login screens. If they enter their details, those details are then in the hands of the cyber criminals.
“Hi [name], we sincerely apologise for this,” one account tweeted to a complaining customer. “In order to regain access to your account, please visit [link].”
The researchers said they had seen two accounts targeting PayPal customers so far.
“In both of these cases, the fraudulent but realistic Twitter handle, landing page and login screen create a convincing lure that can entice users to enter their PayPal credentials into the fraudulent page, providing scammers direct access to their accounts and any funds in them,” they said in a blog post explaining the scam.
“PayPal is aware of the issue and is working with Twitter to resolve it.”
The financial service is just the latest firm to be targeted by angler phishing attacks.
Last month, cyber criminals were found to be posing as NatWest’s support team on Twitter to try and send customers to phishing pages.
They offered to “help” customers contacting the bank by directing them to “verification” links that asked for their banking information.
When dealing with firms on social media, users are advised to check the accounts they are dealing with. A missing blue tick or low follower count can give a fake profile away.
If they are asked to follow a link and log in, a non-HTTPS address or free web host domain can be telltale signs that there is something amiss.