Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Fake PayPal Pages Part of Financial Phishing Scams Increase

paypal-bug-stfMalware researchers continue to report fake web pages of the notorious online financial service PayPal to appear on user PCs. With the summer ending, online purchases via services such as Skrill or PayPal increase and phishing web pages increase accordingly. Such pages look identical to the original web page. However they belong to another web server which with the assistance of tracking cookies or malware collects the login username and password of the infected users.

How Do PayPal Pages Appear

There are several possibilities by which you can see a fake PayPal web page pop-up on your computer. The most effective one according to expert opinion is considered to be financial-stealing malware. Viruses, like the newly emerged DiamondFox botnet operation aim to replicate in a worm-like behavior just to steal financial information. Since such viruses have a lot of features added to them, because they are sold on the black market as whole kits, they may also have the feature of displaying a phishing page to get users to login their PayPal account via the fake web page. This may happen when they have detected users to try and login the official PayPal web-page or even randomly. Other malware of such type is the notorious BlackMoon banking Trojan as well as the infamous GozNym malware infection.

Another type of malware that may display these fake web pages is a Trojan horse that aims primarily to display malvertising and suspicious scamming as well as suspicious third-party advertisements to boost hoax traffic to other websites. One primary example is the Poshedo trojan that is reported to be very dangerous to the ones who get infected by it, because it can even infect the computers of it’s victims with ransomware.

Another very likely reason this virus may have been detected by users is called a Potentially Unwanted Program, otherwise known as PUP. Such software, may hijack your DNS address to collect information on what you browse and display to you targeted advertisements. It may also cause browser redirects one of which may be one of the many PayPal phishing scams.

How Do I Detect a Fake PayPal Web Page

Malware researchers, like Chris Campbell, MalwareHunterTeam and many others have recently begun tracking a lot of fake PayPal web pages, like the ones in the pictures below:

paypal-phishing-pages-sensorstechforum

At this stage, it is not yet confirmed whether or not these fake web pages are interconnected or not, but users better beware. The best method of protection from such nasty web pages is to always check two important details:

Detail 1: The address bar of your web browser.

fake-paypal-domain-address-bar-sensorstechforum

Detail 2: How the actual paypal.com web page looks like. The actual page of PayPal constantly becomes updated and it is good to compare it, because some phishing pages may modify the browser and display the official PayPal.com address in the address bar.

It looks primitively simple, however, many users tend to fast-click their way when they are browsing and even though this is how they are used to, it is considered generally unsafe. This is why it is strongly advisable to take extra care when browsing the web and always check the web link and in case you have detected a suspicious PayPal URL, like the ones below:

area-paypal[.]es
paypalinspection[.]com
x-paypal[.]com
paiiypal[.]com
update[.]paypal[.]com[.]kgreendesigns[.]co[.]za
paypalupdate[.]uploadppl[.]com
www[.]paypal[.]com-webapps-cgi-bin-webscr-login-access[.]com
paypalcomcgibinwebscrcmdloginsubmitdispatch58z8duft875dl80al[.]planetevents[.]co[.]in
security-paypal-center[.]com
redirectly-paypal[.]com
service-account-login[.]com
ervicesaccountpaypallimited[.]com

it is advisable to remove it using an advanced anti-malware program that will make sure to remove all threats on your computer besides the one causing these pages to appear and protect you from future ones as well.


See If Your System Has Been Affected by PayPal Phishing Malware

Download

Malware Removal Tool


Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.