A fake email from Paypal is used by hackers to carry out a phishing attack on users.
The email says a transaction has been made from your account to Associated Dairies (ASDA), for a product you recently ordered (relevant details in relation to the product are also mentioned).
Of course, the receipt is just a way of tricking people into believing that a fraudulent transaction has been made from their account. But, the reality is that the email itself is fake and sent for the purpose of stealing financial and login details of credit card and Paypal account.
Must Read: ‘Payment Reversal’ Another PayPal Phishing Scam Targeting Customers
How do they steal this information from the user?
It’s simple, the cybercriminals are sending transaction receipt with a disputed link. Once the user clicks on the “dispute” link they are directed to a fake Paypal website and asked to login. Once the user does that all the information related to his Paypal account is transferred to the hackers.
Example:
So, is there a way to avoid this scam?
Yes, there are some measures to be taken such as you can download PayPal’s app on Android, iOS or Windows and check if PayPal has really deducted any money from your account?
Must Read: Crackdown: Fake PayPal Lookalike Phishing Websites Taken Offline
Remember, such fake PayPal emails include a greeting like “Dear customer”, but Paypal never greets its customer like this so this can be used as an indication. Further, whenever you are on the Paypal site you must look at “HTTPS” green sign for checking out the authenticity of the site.
The PayPal website has information about phishing and how to report scam emails.
Hoax-Slayer