Photo by Kon Karampelas on Unsplash
An independent guest blogger wrote this blog.
Up until now, some of PayPal users’ greatest fears in terms of cybersecurity were phishing scams aimed at obtaining their login credentials. In January of this year, PayPal confirmed a high-severity bug affecting the login form, with PayPal security investigator, Alex Birsan, finding a javascript file with what looked like a CSRF token and a session ID – which makes login information vulnerable to attackers. However, another scam is set to take this vulnerability further, by aiming not only to elicit login details, but also personal information and payment card/bank account details.
Going a step further
The new scam, discovered by researchers at ESET, sends PayPal users an email stating that their account has experienced ‘unusual activity.’ The email then requests that the users take specific…
 |
Posted by: Karoline Gore |
The post New PayPal phishing scam seeks to go beyond login credential information appeared first on Cybersecurity Insiders.
February 11, 2020 at 09:09PM
0 comments:
Post a Comment