PayPal Phishing – HTML Attachment

Posted by on Tuesday, August 10th, 2010  |  8,046 views

Got a another phishing email today. The email came to an email I have registered to a PayPal account so it instantly caught my eye. I logged into my PayPal account using the correct URL, all is well. So this is obviously another phishing attempt, but not the typical kind.

Image

Typical message content, but they usually give you a (fraudulent) link to follow. Not this time, they attach an HTML file which will open in any browser. I opened the file in a safe environment, all looks very convincing.

Image

Now, not only would PayPal never ask you to reactivate your account in this manner, they would never ask for your credit card & personal details.

Image

When you click the Submit button it will send all the details you entered to this script.

hxxp://202.181.105.217/~info/AccountVerification/cf.php

Which displays this output.

Image

So in conclusion, if you ever are worried your PayPal account has been accessed by a third party and needs reactivating, phone them.

Posted by on Tuesday, August 10th, 2010 at 3:02 pm and filed under Phishing, Spam with tags , , . You can skip to the end and leave a response. Pinging is currently not allowed.

Random Posts

Previous Posts