PayPal has always been a target for cybercriminals in fake campaigns to steal money from users. Sometimes PayPal fake emails or phishing links trick users to login with their financial details.
To get rid of such fake sites, PayPal has joined forces with OpenDNS, an IT security company that keeps an eye on suspicious domain name registrations.
As a result several PayPal lookalike websites (Some were nearly identical copies of PayPal’s website), developed with intention to steal user’s login credentials have been shutdown.
OpenDNS reports that the more convincing phishing sites in this latest batch may have been created using a custom software kit rather than merely copying and pasting code from PayPal’s real site.
“We have it on good authority from our contacts at PayPal that the kits being used were quite sophisticated when compared to others that they have seen previously,” said said Andrew Hay, senior security research lead with OpenDNS.
A screenshot of a fake PayPal site now taken offline:
Note the URL address of this site is security-paypal-center.com, while the original URL address for PayPay’s security is paypal.com/webapps/mpp/paypal-safety-and-security.
Another screenshot shows fake PayPal site involved in phishing attacks on users. Note the URL address of this fake domain is x-paypal.com, while the original address is simply PayPal.com. Remember for mobile users the PayPal URL address is mobile.paypal.com (Don’t mix the x with m for mobile).
For now some domains have been suspended, but you can’t keep the cybercriminals away from what they love to do. Sooner or later there will be another pack of fake PayPal domains targeting innocent users.
If you know any domain faking to be a PayPal representative or a part of any other online transaction/shopping company, feel free to contact us here and we will report it to authorities.