Irish Government Emails Used in Latest PayPal Phishing Scam — Scammers are targeting your inbox with “Your Account Will Be Limited” phishing scam with terrible English skills!
Cybercriminals and scammers try their best to adopt the most sophisticated techniques so users can be tricked into giving away their personal and financial information. In the past, we witnessed such elements using government-issued emails and websites to harvest such scams.
Now, another phishing scam is targeting PayPal users and the email address used in this scam belongs to the Government of Ireland. Usually, scam emails such as these would be ignored as they often land in users’ junk mailbox but due to this being a government based email address, the email has been landing straight into users’ inbox which is quite a threat to those who are not familiar with such scams.
Essentially what is happening is, users are receiving an email from an address supposedly from the Irish government portal address “firstname.lastname@example.org” with a warning message that “Your Account Will Be Limited!.” Scammers are referring to PayPal accounts which are, of course, bogus. The email further informs users that they need to contact PayPal to remove the limitation. In order to restore the account, they need to click on a link given in the email body.
Those who read emails thoroughly will notice the poor use of the English language by the sender where rather than writing “hear” they have used the word “here” and that should be enough to suspect the email is nothing but a scam. However, those who don’t notice may click the ”update account” link which further asks for their login email and password. Once putting the info it will be delivered to the scammers behind the email and you may lose access to your PayPal account and the funds within.
Good news is that if you are using Google Chrome it already prevents users from accessing the site which hosts the so-called update link and has listed it as a phishing scam.
If you proceed to the unsafe site, it shows the phishing page has been deleted from the site, either way, it is a win-win situation but remember never to click links in an unknown email. In the case of PayPal, it is safe and advisable to log in your PayPal account by entering the web address into your browser’s address bar or via an official PayPal app. The PayPal website has a verified green signature as shown in the screenshot below:
Articles Updated: 11:47 PM Monday, June 27, 2016 Greenwich Mean Time (GMT)
While it was reported earlier that the phishing page was detected and deleted we have now witnessed a rapid increase in emails coming to users’ inbox from the same government email with a new and working link. Here are additional screenshots from latest emails targeting users:
Upon clicking the malicious link, users are redirected to this page and asked for their PayPal email and password details which are then sent to criminals behind this scam:
To trick users into thinking that the process is legit cyber criminals ask to fill a form with personal information as shown in the screenshot below:
Once you click ”next” another page will load with a ”success” message claiming that your account access has been fully restored but in reality, scammers have now received your PayPal email and password:
Watch out for this scam and DON’T for it!