Security researchers have identified a a new phishing campaign that abuses legitimate services such as GoDaddy and Glitch to scam victims out of their PayPal credentials.
First, the attackers created a fake PayPal website that looks strikingly similar to the authentic page. They used Glitch, a low-code software used to quickly create a website and “launch it on a secure URL in under a minute”, Armorblox explained.
- Here’s our list of the best email services right now
- We’ve built a list of the best email hosting providers on the market
- Check out our list of the best antivirus available
Then, they used GoDaddy to obtain a secureserver.net domain, from which they are distributing a fraudulent email message to their victims. The email itself is designed to look identical to legitimate communications from PayPal.
Despite typos and other inconsistencies across the email, the researchers say it "bears enough surface-level similarity to a real PayPal email to pass the eye tests of unsuspecting victims".
The contents of the email are that of a typical phishing attempt: the scammers warn the victim that their PayPal profile is incomplete, and expired card details may be the culprit. The email claims the person will lose access to their account unless they update their details.
The victim is prompted to click on a malicious link, where their phone number, email address and PayPal password are harvested.
Defend against phishing
Although phishing campaigns such as this are relatively common, they are still an effective means of laying the groundwork for account takeover and other types of attack.
This particular phishing campaign is likely to hook both consumers and small to medium-sized businesses (SMBs), many of which regularly use PayPal’s services.
The best way to shield against phishing is to train employees on the dangers of social engineering, to educate them not to click on links in emails or download attachments from unverified sources, and to enable two-factor authentication.
- Here's our rundown of the best malware removal solutions on the market now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.