Netcraft has warned of a security flaw in the PayPal website that fraudsters are exploiting. The scam tricks users into clicking on a URL that is hosted on the real PayPal website.


The URL uses SSL to encrypt the information transferred to and from the website. The website presents a valid 256-bit SSL certificate to confirm that the site belongs to PayPal.

When a user visits the URL, the message displayed is:

“Your account is currently disabled because we think it has been accessed by a third party. You will now be redirected to Resolution Center.” [SOURCE]

Once the message is displayed, the user is redirected to a fake PayPal log-in page. When the user logs in using this page, his/her username and password are transmitted to the phishers.

The page also asks for additional information, including Social Security Number, credit card number, expiration date, card verification number and ATM PIN.

According to Netcraft, the server that hosts the phishing scam is in Korea and is accessed through a hex-encoded IP address.
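A hex-encoded IP address in a link is something mail filters and proxies can normalise and flag. The following sketch is an added example, not code from Netcraft or from this article: the function names are hypothetical, and the sample URLs are constructed around the documentation address 192.0.2.1 because the article does not give the real one. It also covers the related octal and single-integer spellings that resolvers accept.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# One host component: 0x.. hex, 0NN octal, or plain decimal (classic inet_aton rules).
_PART = re.compile(r"0x(?P<hex>[0-9a-f]+)|(?P<oct>0[0-7]+)|(?P<dec>0|[1-9][0-9]*)", re.I)
_BASE = {"hex": 16, "oct": 8, "dec": 10}

def decode_numeric_host(host):
    """Return (IPv4Address, set of encodings used), or None if host is not numeric."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values, kinds = [], set()
    for part in parts:
        m = _PART.fullmatch(part)
        if not m:
            return None
        kind = m.lastgroup
        values.append(int(m.group(kind), _BASE[kind]))
        kinds.add(kind)
    *head, last = values
    # Leading components are single bytes; the last one fills the remaining bytes.
    if any(v > 255 for v in head) or last >= 1 << (8 * (5 - len(parts))):
        return None
    addr = last
    for i, v in enumerate(head):
        addr |= v << (8 * (3 - i))
    return ipaddress.IPv4Address(addr), kinds

def classify_url(url):
    """Normalise the URL's host and flag numeric hosts not written as plain a.b.c.d."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    decoded = decode_numeric_host(host)
    if decoded is None:
        return {"host": host, "ip": None, "obfuscated": False}
    ip, kinds = decoded
    obfuscated = kinds != {"dec"} or host.count(".") != 3
    return {"host": host, "ip": str(ip), "obfuscated": obfuscated}

if __name__ == "__main__":
    # Constructed sample links, not taken from the reported scam.
    for sample in ("http://0xC0.0x00.0x02.0x01/login", "http://0xC0000201/",
                   "http://3221225985/", "http://192.0.2.1/", "https://www.paypal.com/"):
        print(sample, classify_url(sample))
```

A host flagged as obfuscated is a strong signal on its own, since legitimate sites have no reason to hide a numeric address this way.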

LINKS:

For more information on the phishing scam and for screenshots, visit Netcraft.