Security researchers have discovered a phishing scam that involves hackers using PayPal Holdings Inc. accounts to send malicious invoices to potential victims.
Detailed by researchers at Avanan, the scam involves hackers sending malicious invoices from PayPal’s domain, using a free PayPal account they have signed up for. The body of the emails sent spoof brands such as Norton to trick victims into appearing legitimate.
Reflecting a similar scam that utilized fake invoices sent from Quickbooks detailed earlier this month, the PayPal invoices include messages such as “thank you for purchasing Norton Security Premium plan, if you have not authorized this transaction, please call us with your credit card details.”
Called a “double spear” attack, the scam makes the user call the number and when the number is called, the hackers then try to make the user pay the invoice, obtaining their credit card details in the process.
The researchers warn that anyone receiving an invoice should Google the number and check their accounts to see if there were any charges. In a corporate setting, anyone receiving an invoice is urged to ask their IT department if they are unsure of the legitimacy of an email.
“The attack is a reminder of the genius and persistence of threat actors,” Mark Arnold, vice president, advisory services at information security consulting firm Lares LLC, told SiliconANGLE. “They continue to build new tactics on existing ones to profit from…
