MADRID, June 22 (Portaltic/EP) –
Avanan, a Check Point Software Technologies company, has uncovered a scam in which cybercriminals impersonate PayPal to obtain victims’ phone numbers and banking information.
This security solution provider has announced that these fraudulent attacks are similar to registered a few months ago with another well-known brand such as Amazon.
In this threat, cyber criminals send a seemingly legitimate PayPal order confirmation and inform users that they have purchased more than $500 from PayPal. DogeCoin blockchain-based cryptocurrency.
In order to cancel the order, users are given the option to call a support or customer service number, a fake phone they use to contact cyber criminals.
From Avan inform that the contact number in these fraudulent emails is based in Hawaii (United States) and has previously been linked to other scams.
Not only can scammers gain access to your financial information, but they can also target their victims different forms with their respective telephone numbersfrom text messages to calls or WhatsApp messages.
However, the main goal of cyber scammers is to access their victims’ banking details. So if they call this number, they will be instructed to provide the credit card number and CVV to cancel the charge.
This attack usually works because the body of the email does not contain a link that could be filtered as malicious if the “email” has a security solution.
“The major payment brands are among the most impersonated because internet users tend to trust their email. […] Companies like Paypal, Amazon or Microsoft are a clear target, so extreme attention must be paid to them. any entity asking us for personal information“, commented the technical director of Check Point Software for Spain and Portugal, Eusebio Nieva.
From this company, users are advised in case of receiving an “email” with these characteristics You should first verify the PayPal account and look at the sender address of the email.
In addition, they assure that it is practical not to include companies with these characteristics in the “allowed” lists in the inbox, since they are usually among the most frequently repressed.