Criminals use PayPal to get your money. The new method is difficult to get through and works via the official PayPal mail channel. That doesn’t make things any easier. We tell you how to protect your money.
Fraudsters are always trying to get data or even direct money from users. Sometimes the tricks are clumsy and easy to see through, but sometimes the devious deals become more difficult to see through. Fraudsters are currently taking advantage of the warning tag via SMS , while a whole payment method is under suspicion on eBay classifieds, and the LKA even warns of a scam . But the current case via PayPal even surpasses these cases.
SCAMMERS EXPLOIT PAYPAL SYSTEM
But what is so dangerous about the new system? As a rule, phishing criminals use fakes to get your data or money. For this purpose, e-mails are sent in the name of reputable banks, dealers or others. But this method is easy to spot. We show you how in our phishing guide . But now, when scammers contact you, there’s a real PayPal notification. And that’s where the scam begins.
As Sophos has informed, the criminals are proceeding as follows: First, e-mails are hoarded using classic phishing or by purchasing data on the dark web. The scammers then set up a real PayPal account. The criminal then uses the “request money” function and an email is sent to the victim. And this mail actually comes from PayPal itself. Thus, there is a very serious first contact with the potential victim.
Now the tricky part begins: The fraudster presents the claim like an invoice and at the same time offers an easy way to cancel the same. This is done with a phone number. This means: From this point on, he can communicate with the victim outside of PayPal’s control. In addition, the appearance is maintained that it is not a matter of fraud, because you can easily cancel.
THIS IS HOW YOU DISSOLVE AN ATTACK INTO THIN AIR
The attack is difficult to spot, but all the more easy to fend off. Because there are two points where you can stop things before they become dangerous. On the one hand, you can safely ignore the request for payment. Because no serious business model is based on an invoice via PayPal payment request.
Second, you should always pay attention when people try to lure you out of secure systems. This is done here via the cancellation offer using a telephone number. If you come across someone within such systems, whether ebay classified ads, PayPal or Amazon’s payment service, who does not want to do business with them, you should be very careful. In such cases, check carefully whether you have ordered anything at all and if so, only react to notifications or invoices on these very pages.
