Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information.

The attack emails lure in users with subject lines stating how PayPal couldn’t verify their transactions or complete their most recent payments. Here’s one example:

Example of unverified PayPal transaction phishing email. (Source: Malwarebytes)

We couldn’t verify your recent transaction

Dear Client,

We just wanted to confirm that you’ve changed your password. If you didn’t make this change, please check information in here. It’s important that you let us know because it helps us prevent unauthorised persons from accessing the PayPal network and your account information.
We’ve noticed some changes to your unsual selling activities and will need some more information about your recent sales.

Verify Information Now

Thank you for your understanding and cooperation. If you need further assistance, please click Contact at the bottom of any PayPal page.

Sincerely,

PayPal

Clicking on the “Verify Information Now” redirects the user to myaccounts-webapps-verify-updated-informations(dot)epauypal(dot)com/myaccount/e6abe. This fake landing page in turn attempts to direct them to a resolution center. There, they’re prompted to resolve the issue by providing “a little more information about [their] account transactions.”

A little more information? Try the user’s name, address, phone number, mother’s maiden name, date of birth, and credit card information.

Fake PayPal resolution center page where users are prompted to submit their personal information. (Source: Malwarebytes)

Christopher Boyd, lead malware intelligence analyst at Malwarebytes, explains the damage that submitting such data into the fake form can cause to users:

Sadly, anyone submitting their information to this scam will have more to worry about than a fictional declined payment, and may well wander into the land of multiple actual not-declined-at-all payments instead. With a tactic such as the above, scammers are onto (Read more...)