In order for a phishing campaign to be successful, the cybercriminals behind it first need to ensure that their lures can reach potential victims, which is why they’ve recently turned to PayPal to send out fake invoices.
According to a new report from the Check Point-owned cybersecurity firm Avanan, cybercriminals are now using the legitimacy of PayPal to reach the inboxes of unsuspecting users.
Beginning in June of this year, the firm’s security researchers observed this new technique, which uses PayPal to send out malicious invoices and request payments. The cybercriminals behind this new campaign use free PayPal accounts to send emails from the company’s domain while spoofing the popular antivirus software brand Norton.
After creating an account, the cybercriminals use PayPal’s features to create fake invoices in which they edit the business name and fake phone numbers to make them appear more legitimate.
These fake invoices also include a message that reads: “Thank you for purchasing Norton Security Premium plan, if you have not authorized this transaction please call us with your credit card details.”
Unsuspecting users who don’t remember signing up for Norton’s antivirus software may call the number and provide their credit card details to avoid being charged. However, in doing so, they willingly give the attackers their phone number and payment information, which can be used in future attacks.
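A content-based triage check for the lure described above, added here as an example and not taken from Avanan's report: because the mail genuinely comes from PayPal's domain, it inspects the invoice text for an impersonated brand combined with a callback number or request. The brand list, phone pattern, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

WATCHED_BRANDS = ("norton",)  # assumption: brands you expect to be impersonated
CHECKS = {
    # Loose North-American phone pattern (assumption; tune for your region).
    "phone": re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}"),
    "callback": re.compile(r"\b(?:call|contact|phone)\s+us\b", re.I),
    "card": re.compile(r"\b(?:credit|debit)\s+card\b", re.I),
}

def callback_invoice_signals(raw_email: str) -> list[str]:
    """Return callback-phishing signals found in a PayPal-sent invoice email."""
    msg = message_from_string(raw_email)
    domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # Sender reputation says nothing here (the mail really is from PayPal),
    # so only PayPal-sent mail is in scope and the content carries the signal.
    if domain != "paypal.com" and not domain.endswith(".paypal.com"):
        return []
    body = " ".join(
        part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text"
    )
    signals = ["brand"] if any(b in body.lower() for b in WATCHED_BRANDS) else []
    signals += [name for name, rx in CHECKS.items() if rx.search(body)]
    return signals

def is_callback_phish(raw_email: str) -> bool:
    """Flag a watched brand combined with a phone number or a call-us request."""
    s = callback_invoice_signals(raw_email)
    return "brand" in s and ("phone" in s or "callback" in s)

# Constructed samples: addresses, subjects and the phone number are made up.
PHISH = (
    "From: service@paypal.com\nSubject: Invoice from Norton Billing\n\n"
    "Thank you for purchasing Norton Security Premium plan, if you have not "
    "authorized this transaction please call us with your credit card details. "
    "+1 (555) 010-0199\n"
)
BENIGN = (
    "From: service@paypal.com\nSubject: Invoice from Example Web Studio\n\n"
    "Invoice 1042 for website design services. Payment is due within 30 days.\n"
)

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("benign", BENIGN)):
        print(name, callback_invoice_signals(raw), is_callback_phish(raw))
```

In a mail pipeline the sender domain would come from the authenticated DKIM or SPF result rather than the `From` header, and a hit is a reason to quarantine for review, not proof of fraud.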
The Static Expressway
This…
