PayPal Text Phishing Scam

Posted by Geraldine Hunt on Wed, Apr 3rd, 2019

An important element for a phishing attack is trust.  Users need to trust the source that the phishing message is originating from.  That’s why attackers often spoof the email address of a senior manager or vendor contact message so the payload is delivered from a credible source. Phishing can come through email or your phone via voice or SMS. Currently doing the rounds is a very believable Paypal text phishing scam.

The text message comes from a shortcode number *729724*  and states:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

At first glance, it may look like a PayPal link, but on closer inspection, it clearly directs to a different domain.  The text warns that your PayPal account has been locked and urges you to follow a link to restore access.  If you click the link as requested, a fake PayPal webpage opens in your smartphone's browser.

Do you use the same password across various accounts and online services? 

• Make your password is hard to guess - use a combination of upper and lower case letters, numbers, and special characters.
• Change your password often.
• Do not use the same password with more than one account. Think about it: If you use the same email and Linkedin and Paypal password, and someone found out your Linkedin password, they can log into your email and potentially gain access to every single account that that email address is associated with by using “forgot my password” links.

We are warning anyone who receives one of these Paypal texts to delete it immediately. Always read your messages before you click, or even better – just don’t click on the link and contact PayPal directly. 

Phishing Sources

Phishing messages can come from a growing number of sources, including:

• Email
• Phone calls
• Fraudulent software (e.g, anti-virus)
• Social Media messages (e.g., Facebook, Twitter)
• Advertisements
• Text messages

Random phishing attacks are usually caught by email filters, but spear phishing attacks are much more sophisticated and use employee background data to avoid filters and provide a higher level of ROI for the attacker. An attacker can spend days (weeks even) collecting data on employees and use this information to email them directly.

With the SpamTitan Email Filter, you can fully protect your exchange server and every recipient within the organization. SpamTitan provides phishing protection to prevent whaling and spear phishing by scanning all inbound email in real-time. SpamTitan searches for key indicators in the email header, domain information, and content. SpamTitan also performs reputation analysis on all links (including shortened URLs) contained in emails and block malicious emails before being delivered to the end user. How SpamTitan protects from phishing attempts:

• URL reputation analysis during scanning against multiple reputations.
• Detect and block malicious spear-phishing emails with either existing or new malware.
• Heuristic rules to detect phishing based on message headers et al. These are updated frequently to address new threats.
• Easy synchronization with Active Directory and LDAP.
• Spam Confidence Levels can be applied by user, user-group and domain.
• Whitelisting or blacklisting senders/IP addresses.
• Infinitely scalable and universally compatible.

How WebTitan Internet Filtering Solutions Protect against Phishing

WebTitan provides an advanced yet easy to use DNS-based solution to protect your business and users when online. In real-time, it both secures and protects your business from online threats such as malware, phishing, botnets and malicious sites.  WebTitan uses multiple mechanisms to help network administrators filter web access effectively. The threats from malware, ransomware, and phishing are taken care of by pre-installed and automatically updated blacklists, SURBL filters, and URIBL filters. SSL inspection checks for the presence of malware in encrypted websites, and each web page is virus scanned.

The WebTitan range of Internet filtering solutions has been specifically developed with protection against malware, ransomware, and phishing as a priority, and flexibility and ease of use in mind not far behind. Each WebTitan solution is supported by industry-leading customer and technical service to help network administrators apply the optimum settings to filter web access effectively in every case.

If you are looking for an effective Internet filtering solution, or you have tried other solutions to filter web access and found them not to be effective, please do not hesitate to contact us and request a free trial of a WebTitan Internet filtering solution. Our team of Sales Technicians will help determine which solution is the most appropriate for your specific requirements and explain our free trial to you.

We would be equally delighted to hear from any Managed Service Provider looking for a multi-tenanted solution to filter web access on behalf of SMBs. Our free trial gives you the opportunity to evaluate our industry-leading Internet filtering solution in your own environment, and your clients the opportunity to provide feedback on how effective WebTitan is at preventing all types of malware, ransomware and phishing attacks.

To protect against advanced threats you need advanced protection. Take a closer look at SpamTitan and WebTitan today – sign up for a free demo at a time that suits you.

 

Take our Security Training Awareness Quiz