Security News
New cases of direct PayPal phishing
Wed, 22 November 2006
Tettnang, 22 November 2006 - The Avira experts have detected new types of phishing emails targeting PayPal users. The email poses as a warning from PayPal asking all its users to validate their accounts because of recent changes in the Service Agreement. Instead of containing the usual link to a fake website where users should “validate” their accounts, these new emails ask users to scan their credit/debit cards on both sides (because the CSV2 code and the signature are written on the reverse side) and send the scans to an email address. In return, users who send their credit card information are told they will also receive 59 USD in their account, in addition to their account not being blocked.
Once more, we see social engineering techniques used in practice. The fraudsters are counting on people’s greed to make them freely hand over their credit card information to anybody. The email address to which the credit card information should be sent is hosted by yahoo.com. Moreover, the mail is constructed so that, to the untrained eye, it appears to have been sent from yahoo.com.
The usual PayPal phishing emails contain at least one link to a fake website that stores the data collected from the victims. These websites ask for the credit/debit card number, the CSV2 code and sometimes even the PIN. The collected information is used in carding operations. Carding is the term for the illegal duplication of valid credit/debit cards with the purpose of stealing the identity of the card owner and charging their account. After a card is duplicated, the fraudster can use it to buy online from almost any website in the world that accepts that credit card. If they obtain the PIN, they can even withdraw money from ATMs. In this case, because a copy of the back side of the card is requested, they obtain the owner’s signature as well. This way they can even go to any real shop and buy products, unless the shop asks the card holder to identify himself.