"Hackers Leverage PayPal to Send Malicious Invoices"
Security researchers at Avanan, a Check Point company, found that threat actors have been leveraging the online payments system PayPal to send malicious invoices directly to users through the platform. The researchers noted that this is different from others attacks spoofing Paypal as this malicious invoice comes directly from PayPal. The researchers stated that the phishing email seen as part of the malicious campaign warned users that there had been fraud on the account and threatened a fine of $699.99 should the victim not take action. The researchers noted that the body of the email could alert some cautious users that the email was not authentic. First, the grammar and spelling are all over the place. Second, the phone number they list is not related to PayPal. The researchers stated that the general goal of the threat actors is to have victims call the number or follow up for more details. If a victim calls that number, now they have the person's cell phone number and can use it for more attacks. The threat actors will also try to scam the victim while on call with them. According to the researchers, the perks of using PayPal for threat actors are several, including the ability to send many invoices at a time and make them professional-looking. The researchers noted that an email that comes directly from PayPal will pass all SPF, DKIM, and DMARC checks.
Infosecurity reports: "Hackers Leverage PayPal to Send Malicious Invoices"