Issue 122 - January 2012 - Page 5
PayPal 'Your Credit Card Information Has Changed' Phishing Scam
Email purporting to be from PayPal claims that the recipient's credit card has been removed from the PayPal account and that he or she should follow a link to rectify the issue.
The email is not from PayPal and the recipient's credit card has not been removed from the account as claimed. The message is a phishing scam designed to steal PayPal account information and credit card details.
Detailed analysis and references below example.
Last updated: 19th December 2011
First published: 19th December 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Your credit card information has been changed!
Your credit card information has been changed.
On December 13, 2011, your credit card has been removed from your PayPal account.
You are receiving this email notification because this email address is listed as the administrative contact email for your PayPal account. If you belive this is an error, click the link below, log in to your PayPal account and follow the instructions.
Please do not reply to this email. This mailbox is not monitored and you will not receive a response.
PayPal Email ID PP8116
According to this email, which purports to be from online payment service PayPal and sports a seemingly legitimate PayPal logo, the recipient's credit card has been removed from his or her PayPal account. The email claims that if recipients believe that the credit card removal is an error, they can click a link in the message and follow instructions to rectify the problem.
However, the email is not from PayPal. The claim that credit card details have been removed from the account is a lie designed to fool users into divulging information to cybercriminals.
People who fall for the ruse and follow the link will be taken to a fake "PayPal" website that has been carefully designed to mirror the genuine PayPal website. The casual observer might find it difficult to notice any difference between the fake webpage and the real PayPal site. If the victim goes ahead and enters his or her login details on the fake webpage, the following web form will be displayed. The form asks for the victim's name, address, contact details, and driver's licence details as well as his or her credit card information:
All information submitted on the bogus website - including the user's PayPal login details - can be collected by the criminals operating this scam campaign. Once they have collected this information from their victim, the criminals can then use it to login to his or her real PayPal account, steal more personal information and make fraudulent PayPal transactions. They can also use the stolen personal and credit card information to commit credit card fraud and identity theft.
Another recent and very similar campaign
claims that users must verify their details to lift limitations imposed on the account. Because it conducts its operations primarily online and via email, PayPal has become a regular and ongoing target
for phishing scammers. Be cautious of any message purporting to be from PayPal that asks you to follow a link to supply personal or financial information. Always login to PayPal by entering the PayPal address into your web browser. PayPal has published information
on its website that helps users identify phishing scams.
PayPal 'Verify to Resolve Account Limitations' Phishing Scam
Paypal 'Strange IP from a Different Location' Phishing Scam
Pages in this month's issue:
- Cancer Info From Johns Hopkins Hoax Email
- AT&T Phishing Scam
- Jon Bon Jovi is NOT Dead
- World of Warcraft Phishing Scam
- PayPal 'Your Credit Card Information Has Changed' Phishing Scam
- Hoax - Julia Gillard Admits Being in A Lesbian Relationship
- Facebook Survey Scam - Get a Costco Gift Card for Free
- Facebook Survey Scam - Eat for Free at CheeseCake Factory
- Hoax Chain Letter - The Vengeful Ghost of Carmen Winstead
- Craigslist Account Phishing Scam
- JB Hi-Fi Facebook Survey Scam
- Decorative Magnets on Refrigerators - Cancer Warning Hoax
- ABSA Phishing Scam Emails
- Delta Air Lines Passenger Itinerary Receipt Malware Emails
- American Airlines Flight Ticket Order Malware Emails
- Hotel Key Card Security Risk Hoax
- Bogus MADD Petition
- Hoax: HIV Infected Blood In Pepsi
- Hoax - Cell Phone Numbers Go Public This Month
- Video Of Plane With Failed Landing Gear Landing on a Small Truck
- Free Facebook Credits Survey Scam
- Chicken Jerky Dog Treats Warning
- Bogus Warning - 'BBQ Enthusiast' Avatar on Cafe World is a Trojan Horse Virus