Spam impersonating PayPal using attached form

A classical phishing email… Nothing special (same bad English, as always).

Dear Valued Customer,

Unauthorized access has been detected in your account.

Unfortunately, due to this event, our security system has limited the access to your account.
Account Limitations prevent you from completing certain actions with your account, such as withdrawing, sending, or receiving money.
These limitations are implemented when we see unusual or suspicious activity to help protect both PayPal buyers and sellers.

Please verify your account by completing the form which is attached in this email. By doing this, restrictions in your account will be lifted.

We apologize for any inconve nience.

Thank you,
PayPal Security Team

paypal-email

What is interesting is the usage of a technique which I haven’t seen used since a couple of years: they attached an HTML document containing the form below.

The document is called “form.html” and it contains just one single javascript function used to validate the input.

It is a simple HTML form which submits to hxxp://www.secured-line.su/x01.php using a hidden ID.

Are they counting which form performs better ? Hmm…

 

papypal-form

 

Fortunately, Google detects these emails as spam/phishing and blocks them.

For additional tips on how to improve your security, check by eBook here: http://www.improve-your-security.org

 


© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: