This email is crafty since the message is email header (see bad email header here) is composed well, the reply is back to PayPal, etc. Moreover, all the image sources are from PayPal, but the real threat comes from the attached document which it asks you to fill out.
This email will try to steal your identity on PayPal and also has a browser jack file payload. It's fairly rudimentary form and obvious, but the best deception are the most seemingly obvious. The browser jack file payload, is not obvious at all however and is a huge compromise, a top tier anti-virus program should detect like Kaspersky.
The email subject line;
"Your PayPal Confirmation Alert ✓"
The email reads, but the give away this is misspelling of Thank you.
The attached document is name PayPal-Alert.htm and contains a form to direct all your personal information to be sent to this URL address...
The attached document cleansed pre-view
PayPal ID and Password |
Enter your primary email address as your Paypal ID. |
Please enter your information. |
Mailing Address |
Please enter your mailing address. |
Profile of credit card |
|
Action > Report the Phishing URL to Google Plex now, click this link
No comments:
Post a Comment