For HomeFor BusinessFor Partners
Industry News
1 min read

New PayPal Phishing Campaign Asks for Passport Photo, Driver"s License

Silviu STAHIE

February 11, 2020

Promo Protect all your devices, without slowing them down.
Free 30-day trial
New PayPal Phishing Campaign Asks for Passport Photo, Driver"s License

A new PayPal phishing campaign is taking a novel but direct approach to fraud by asking users, in good grammar, to provide Social Security and PIN numbers, passport and driver”s license data, and even upload photos of official documents to prove they”re telling the truth.

Most phishing campaigns follow the same recipe, with bad actors looking to convince users to share sensitive information, normally consisting of banking data. But this latest PayPal phishing campaign goes further and aims to convince people to upload photos and share other information such as their Social Security number.

Jan Kopriva from tech company ALEF NULA shared the red flags that people should be watching for in this campaign. Besides the fact that neither PayPal nor any other company requires users to submit sensitive banking information online, the source of the email is the first issue, as it comes from the “ovh.com” domain.

The email says your PayPal account has been locked following an unauthorized login from a new device or browser. A button with the text “Secure and update my account now” is listed at the bottom of the email. Unlike many other phishing scams, this one lacks grammar errors.

When users click on the button, they”re sent to a page that looks very much like it belongs to PayPal, but it”s not. The original link is hidden under a bit.ly shortcut, but redirects to hxxps://nadhirotultaqwa[.]com/usrah/redirect[.]php

Users are even required to provide the Social Security number and the ATM or debit card PIN. To complete the scheme, users are asked to upload photos of the actual documents, including the credit card, passport, driving license, and government-issued photo ID.

No financial institution, private or governmental, will ever ask users to submit financial details, let alone copies of documents. The good news is that if you keep your Internet browser up to date and use a security solution, you will be able to spot these types of phishing schemes with ease.

tags

Industry News

Author

Silviu STAHIE

Silviu STAHIE

Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.

View all posts

Right now Top posts

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide
Scam Spam

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide

April 19, 2024

5 min read
Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

City street lights "misbehave" after ransomware attack
Industry News

City street lights "misbehave" after ransomware attack
Graham CLULEY

April 24, 2024

2 min read
13 People Involved in Spyware Banned from Crossing US Borders
Industry News

13 People Involved in Spyware Banned from Crossing US Borders
Filip TRUȚĂ

April 24, 2024

2 min read
GitHub Flaw Could Allow Threat Actors to Distribute Malware on GitLab
Industry News

GitHub Flaw Could Allow Threat Actors to Distribute Malware on GitLab
Vlad CONSTANTINESCU

April 24, 2024

2 min read

Bookmarks

loader