Spam impersonating PayPal using attached form

A classical phishing email… Nothing special (same bad English, as always).

Dear Valued Customer,

Unauthorized access has been detected in your account.

Unfortunately, due to this event, our security system has limited the access to your account.
Account Limitations prevent you from completing certain actions with your account, such as withdrawing, sending, or receiving money.
These limitations are implemented when we see unusual or suspicious activity to help protect both PayPal buyers and sellers.

Please verify your account by completing the form which is attached in this email. By doing this, restrictions in your account will be lifted.

We apologize for any inconve nience.

Thank you,
PayPal Security Team

paypal-email

What is interesting is the usage of a technique which I haven’t seen used since a couple of years: they attached an HTML document containing the form below.

The document is called “form.html” and it contains just one single javascript function used to validate the input.

It is a simple HTML form which submits to hxxp://www.secured-line.su/x01.php using a hidden ID.

Are they counting which form performs better ? Hmm…

 

papypal-form

 

Fortunately, Google detects these emails as spam/phishing and blocks them.

For additional tips on how to improve your security, check by eBook here: http://www.improve-your-security.org

 


© Copyright 2015 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close