New Paypal phish contains fake order and payment details to mislead receiver

September 27, 2009 by mxlab Leave a Comment

At MX Lab we intercept quite often very good phishing emails. This newest PayPal phishing email came to our attention because it contains a false order and payment transaction in order to mislead the intented receiver.

The intented receiver will open such a message and notice that a payment has been done towards, in this case, the account robertoelectronics for $440. Of course, the receiver will try to stop this transaction and use the Dispute Transaction link further down below.

Here is where the phishing starts. The URL points to a site hosted on a server with IP address hxxp://201.116.109.181/www.paypal.com/us/webscr.html?cmd=_login-run.

Be aware that with such messages you should be extra carefull. Take a look at the senders from address but more important where the URLs are leading to.

Filed under Phishing Tagged with , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>