Phishers seem to be getting more ‘clever’ about how they draw in their prey. In their article, Inside a PayPal Phishing Site, InformIT explains how these criminals are ‘validating’ your credentials before stealing your information. Yes, that’s right! They’re using canned phishing packages that are ‘intelligent’ enough to check if the info you’re providing is valid or not.
It’s sad to see that there are PHP developers who utilize their programming abilities to create packages that will help ruin decent people’s lives… seriously.
Anyway, although the article gets pretty technical, I’d recommend you read it (it’s very interesting); however, I’ll try to explain it here in simple words.
The victim gets an email supposedly from PayPal. This email reads something like this:
Please update your billing records or your account will be suspended. Thanks!
The victim, naturally, will freak out and click on the links provided in the email in order to ‘update’ their account and avoid getting their account suspended.
The victim will see a page that looks like a legitimate PayPal site. But just in case, and to test if this is a real PayPal site, the victim may input fake data in the corresponding fields. To the victim’s surprise, the fake data doesn’t validate and they get a message similar to this:
The information you entered doesn’t match our records. Please try again.
Because of this, the victim thinks “well, that didn’t work… so it must be the real thing.”
Well, it’s not.
How does it work?
Well, the victim enters their info in the respective fields. When they click the Log In button, the fake site sends a request to the PayPal site (yes, the original site) with the information the victim just entered. If the information returned by the PayPal site validates, the fake site presents the victim with another page where they are asked to fill in the fields with their sensitive info and submit it. The victim’s information, instead of being sent to PayPal, is sent to the phisher’s email address or a remote database. Swell, NOT!
What can you do to avoid this?
If you have a PayPal account and you ever get an email that seems to be from them urging you to update your information, don’t click on any links in that email. Instead, if in doubt, contact PayPal directly and ask them if they are sending this kind of email.
If you happen to click on any link in the email, make sure you’re redirected to the PayPal website. How? Check your address bar; the domain name should read like this:

If it doesn’t, and it looks something like this (remember, this is just an example of what the URL of the fake PayPal site may look like):

you’re being spoofed and should leave the website immediately. Also, contact PayPal and report the fraudulent site. PayPal has a page with more instructions on how you can protect yourself from fraudulent emails, and how you can report them.
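The address-bar check described above can also be done mechanically by parsing the URL rather than reading it by eye. This is an added example, not code from this post or from the InformIT article; the function name and sample URLs are constructed, and it assumes the genuine site is served over HTTPS from paypal.com or a subdomain of it.

```javascript
// Added example (not from the original post). Assumption: the real site
// lives at paypal.com or one of its subdomains and is always served over HTTPS.
const TRUSTED_DOMAIN = "paypal.com";

// Returns { trusted, reason } for a link copied from an email or address bar.
function checkPayPalLink(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // the parser lower-cases and normalises the host
  } catch {
    return { trusted: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { trusted: false, reason: "not HTTPS" };
  }
  // In "https://www.paypal.com@other.host/", everything before '@' is
  // a user name, not the site being visited.
  if (url.username || url.password) {
    return { trusted: false, reason: "text before '@' is not the host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing root dot
  // Look-alike (non-ASCII) letters show up as punycode labels after parsing.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { trusted: false, reason: "look-alike characters in host: " + host };
  }
  // Only the right-hand end of the host decides who owns it:
  // "www.paypal.com.example" belongs to "example", not to PayPal.
  if (host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN)) {
    return { trusted: true, reason: "host is " + host };
  }
  return { trusted: false, reason: "host is " + host + ", not " + TRUSTED_DOMAIN };
}

// Constructed sample links (example domains and a documentation IP address).
const SAMPLES = [
  "https://www.paypal.com/signin",
  "https://www.paypal.com.account-update.example/signin",
  "https://www.paypal.com@203.0.113.7/signin",
  "http://www.paypal.com/signin",
  "https://notpaypal.com/signin",
];
for (const link of SAMPLES) {
  const r = checkPayPalLink(link);
  console.log((r.trusted ? "OK     " : "REJECT ") + link + "  (" + r.reason + ")");
}
```

A passing result only says the host is PayPal's; it says nothing about whether the email that carried the link was genuine.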
You can follow these precautions if you receive fake emails supposedly coming from other financial institutions.
Hope this helps.
4 Comments
I want your blog format. If I ever see you on the street, I’m taking it from you.
Hehe, cool thanks!
Hi Juan,
This was a really informative and timely article. I have been receiving such emails but I sensed that they were “phishy”. I posted on it and sent you some link love. Keep up the good work.
Thank you, TT!
Yeah, just keep an eye open because these douche bags are always trying to take sensitive info from you.
I believe people should be aware of these types of scams and what they can do to avoid becoming a victim of these bastards.