• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime
Phishing Scam

Crooks Hack World Bank SSL Certificate To Host PayPal Phishing Scam

November 21st, 2015 Waqas Phishing Scam, Scams and Fraud, Security 0 comments
Crooks Hack World Bank SSL Certificate To Host PayPal Phishing Scam
Share on FacebookShare on Twitter

Hackers have again attacked PayPal but this time by making a clone site that even had an SSL certificate of the World Bank Domain.

What happened is that hackers exploited a site operated by the World Bank Group and in place of the original site hosted a PayPal phishing site.

What made the scam look legitimate was the SSL certificate of the World Bank written over it.

The cyber criminals hacked and removed the index page of the original site but kept the original SSL certificate designated to the World Bank.

cyber-criminals-hack-world-bank-website-to-host-paypal-phishing-scam-1

Image Source: Netcraft (Click to enlarge)

Extended Validation certificates are given to organizations, after through verifications and are one of the significant checks carried out by a user for trusting the organization.

Here the SSL certificate showed World Bank written meaning it’s a site operated under the world bank which in reality is just a trap created by hacking into the site “climatesmartplanning.org” whose URL is even depicted on the hacked site, but the content is from PayPal’s login page.

cyber-criminals-hack-world-bank-website-to-host-paypal-phishing-scam-2

Image Source: Netcraft (Click to enlarge)

The hacked site provides data on climate smart planning to the policy makers of the developing countries. Hacking of such a site is a shame as it was made for a noble purpose, but hackers had other ideas.

After the attacks, the website went unavailable for some time but came back with phishing content removed. This didn’t end here on 19th November the website was again attacked and the homepage was defaced and showed “Defaced by “Virus Iraq”.

cyber-criminals-hack-world-bank-website-to-host-paypal-phishing-scam-3

Image Source: Netcraft (Click to enlarge)

According to the World Bank, there are total 419 scams so far in which cyber criminals have used their domains.

[fullsquaread][/fullsquaread]

It all started on Tuesday when a user was asked to enter PayPal email id and password on the site. All the credentials were submitted to logcheck.php script which validated all the data from the user. If the data was valid it showed “temporarily unable to load the user’s account” but if the email was incorrect it said invalid email or password like original PayPal site, explains Netcraft who were the first one to identify the scam.

cyber-criminals-hack-world-bank-website-to-host-paypal-phishing-scam-4-side

Image Source: Netcraft (Click to enlarge)

In order to gain more information on the user the page asks for more details about the account such as name, date of birth, address and phone number once confirmed the user is asked for entering credit card details.

cyber-criminals-hack-world-bank-website-to-host-paypal-phishing-scam-6-side

Image Source: Netcraft (Click to enlarge)

After that, the user is asked for 3D password to allow the hackers breach the security of the sites who ask for 3-D passwords while the user wants to purchase anything. Once the attacker has this password the user is directed to the original papal site.

Currently, the climatesmartplanning.org is down and chrome users can see a warning message on Google cache:

Screen Shot 2015-11-21 at 2.47.49 PM

Here all the PayPal and other users must remember that they should never click to the links or attachments on such emails even if it’s from the official site. Instead, log in to your account by opening “paypal.com” in another tab. Most, importantly, always verify the SSL certificate (The green color indicator at the start of the site’s URL is the best indicator of the site being legit).

It is safe and advisable to log in to your PayPal account by entering the web address into your browser’s address bar or via an official PayPal app. The PayPal website has a verified green signature as shown in the screenshot below:

paypal-users-hit-with-asda-order-phishing-scam-2

  • Tags
  • Cyber Crime
  • Frauds
  • hacking
  • Paypal
  • Phishing
  • Phishing Scam
  • Privacy
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Researcher Founds Bug That Made Mark Zuckerburg Quit his job at Facebook
Next article Self-Proclaimed Anonymous Hacktivists Predict Potential ISIS Terror Attacks
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

6
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

36
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

319

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us