Hackers Leverage PayPal to Send Malicious Invoices
Threat actors have been leveraging the online payments system PayPal to send malicious invoices directly to users through the platform.
The campaign was recently discovered by security researchers at Avanan, a Check Point company, who said it was different from previous campaigns seen by the company.
“This is different from the plenty of attacks we’ve seen that spoof PayPal. This is a malicious invoice that comes directly from PayPal,” reads an advisory published earlier today.
The phishing email seen as part of the malicious campaign warned users that there had been fraud on the account and threatened a fine of $699.99 should the victim not take action.
However, Avanan marketing content manager Jeremy Fuchs wrote that the body of the email could alert some cautious users that the email was not authentic.
“First, the grammar and spelling is all over the place. Second, the phone number they list is not related to PayPal.”
At the same time, Fuchs said some users may still decide to call the phone number to get more information about the email.
“The general goal is to call the number or follow up for more details. If you call that number, now they have your cell phone number and can use it for more attacks. And it’s another chance to scam you on the phone.”
According to the Avanan team, PayPal offers threat actors several advantages, including the ability to send many invoices at a time and make them look professional.
“Beyond that, the email comes directly from PayPal. The email itself is not malicious–there are countless legitimate invoices sent via PayPal every day. An email coming from service@paypal.com will pass all SPF, DKIM and DMARC checks.”
To guard against attacks like this, Avanan recommends that security teams research phone numbers found in emails before calling them. They should also implement advanced methods to ascertain whether an email is clean and encourage a culture of transparency in which users ask IT for help if necessary.
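The point that a message can pass SPF, DKIM and DMARC and still warrant review can be shown with a small triage check. This is an added example, not code from Avanan's advisory or from PayPal; the allowlist of verified numbers, the phone and urgency patterns, and the sample message are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed allowlist: numbers verified out of band (placeholder value).
VERIFIED_NUMBERS = {"12025550100"}
PHONE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
URGENCY = re.compile(r"\b(fraud|fine|suspended|unauthori[sz]ed|immediately)\b", re.I)

# Constructed sample: an invoice notification that passes every sender check.
SAMPLE = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=paypal.com;
 dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
From: service@paypal.com
Subject: Invoice (constructed sample)
Content-Type: text/plain; charset=utf-8

Seller note: There has been fraud on your account. A fine of $699.99 will
apply if you do not take action. Call +1 (202) 555-0147 immediately.
"""

def normalise(number):
    """Reduce a North American number to 11 digits for comparison."""
    digits = re.sub(r"\D", "", number)
    return digits if len(digits) == 11 else "1" + digits

def auth_results(msg):
    """Map spf/dkim/dmarc to their result from Authentication-Results."""
    header = str(msg.get("Authentication-Results", ""))
    found = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I)
    return {method.lower(): result.lower() for method, result in found}

def triage(raw, verified=VERIFIED_NUMBERS):
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    auth = auth_results(msg)
    unknown = sorted({normalise(n) for n in PHONE.findall(body)} - set(verified))
    urgency = sorted({w.lower() for w in URGENCY.findall(body)})
    return {
        "sender": parseaddr(str(msg.get("From", "")))[1].lower(),
        # Passing all three checks authenticates the sender, not the content.
        "authenticated": all(auth.get(k) == "pass" for k in ("spf", "dkim", "dmarc")),
        "unknown_numbers": unknown,
        "urgency_terms": urgency,
        "verdict": "review" if unknown and urgency else "deliver",
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The verdict deliberately ignores the authentication result: a fully authenticated message with an unverified callback number and urgency language is still held for review.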
The campaign spotted by Avanan comes weeks after PayPal notified thousands of US customers that their logins were compromised over a month ago.