Jul29
11:34 am (UTC-7)   |   by Verna Sagum (Fraud Analyst)

Paypal has launched a blog, known as The Paypal Blog, a forum for Paypal employees who want to share their opinions and insights. It also welcomes feedback, suggestions and questions from customers. Unfortunately, phishers have also taken advantage on the popularity of this blog.

There is a spoofed article with title, Social Networking Comes to Paypal, as shown in Figure 1, that talks about giveaways or “FREE STUFF” for the first 100 customers to sign up on the provided spoofed login page located below the article (see Figure 2). It steals Paypal login user names and passwords of customers. To make the blog more convincing, it directs the users to the legitimate article Shop with Paypal at OfficeMax and American Eagle Outfitters, when users click on the text string full story in hyperlink form.

This new trick of social engineering can trap unknowing users since it also uses a genuine-looking type of phishing URL, which is thepaypaiblog.com. What’s worse is that it also uses the picture and identity of known Paypal employee, a technique that is considered as Digital Forgery. The phishing URL has already been blocked by Web Classify Server (URL Filtering Service).

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Tuesday, July 29th, 2008 at 11:34 am and is filed under Phishing . Responses are closed, but you can trackback from your own site.



Comments are closed.


Another Fraudulent Trend Micro Site Appears
The ‘BailiWicked’ Problem


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice