Phishing: Update your PayPal account Information

We have detected new phishing emails with subject “Update your PayPal account Information” that contain fake PayPal link that redirects to a phishing page used to steal PayPal account details of users that type their credentials.

Email header:

Subject: Update your PayPal account Information
Date: Mon, 16 Jan 2012 00:43:26 +0100
Received: from WIN-QJ6LOAE77N1 (unknown [])

The malicious link is:

hxxp://technologyprojects. org/wp-rss.php

That redirects to:

HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 Jan 2012 01:08:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Location: hxxp:// .com/us/webser/us
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Note the long subdomain name that begins with “”: com

The ip address of the malicious domain is: /

Random Posts

Previous Posts