If you get a tweet from what appears to be an official PayPal support account on Twitter, take the time to double-check the source – because currently, there is a phishing scam doing the rounds using false accounts to try and trick users into giving up their logins.
Proofpoint uncovered this new so-called ‘angler’ phishing attack whereby fake tech support accounts monitor Twitter for messages reaching out to PayPal for help using ‘@PayPal’, and then step in pretending to be an official conduit of support.
They contact the user, employing the correct PayPal logo and so forth, and link across to an official-looking login screen where the actual phishing takes place, nabbing the user’s PayPal password should they enter it.
Playing on expectations
Because the user in question is expecting a response from PayPal support, they’re more likely to fall for this particular trick.
The fake accounts are named things like AskPayPal_Tech, or AskPayPal, and go to some lengths to make their Twitter page look authentic.
Of course, the usual clues that something is amiss are present if you look closely enough, such as the typical spelling error or suspect grammar – and the fact that these accounts have been created in the last month or so, which is a bit of a giveaway.
Both Twitter and PayPal are aware of the problem and are currently working to put a stop to the scam accounts. In the meantime, as ever, look before you leap, and be careful of clicking on any links thrown at you in tweets (you should always think before clicking a link of course, wherever you are online).
Complete the new 2016 Cyber Crime survey, so we can see the full scope of Cyber Crime in Warwickshire, and across West Mercia and the West Midlands – https://www.surveymonkey.co.uk/r/RegionalCyber16
For more information about our work, please visit www.safeinwarwickshire.com/cybercrime
Be Cyber Streetwise is a cross-government campaign, funded by the National Cyber Security Programme. They aim to measurably and significantly improve the online safety behaviour and confidence of consumers and small businesses (SMEs).
Get Safe Online is the UK’s leading source of factual and easy-to-understand information on online safety. Their website offers advice on how you can protect yourself, your computers and devices, and your business against the likes of fraud, identity theft, viruses and other potential online problems.