Hackers have taken their phishing scams to a whole new level by combining encrypting ransomware with a PayPal phishing page designed to steal credit card information.
The scam was uncovered by researchers at MalwareHunterTeam and marks a deviation from traditional phishing attacks by trying to snare the victim in a two-pronged approach.
The ransomware itself is not overly sophisticated, but the related ransom note has been cleverly designed to provide a further opportunity to scam the victim.
As soon as the victim’s files have been encrypted, they are given the option of recovering their files by making a Bitcoin payment or using their PayPal account.
Image: Ransom note (Source: HackRead.com)
If the user chooses to pay using PayPal, they will be redirected through to a phishing site that has been specifically set up to steal credit card information and personal details.
The page appears entirely legitimate; however, as soon as the user submits their information, they are directed through to http://ppyc-ve0rf.890m.com/s2[.]php rather than the official paypal.com web address.
After the victim enters all their personal details, they are told their account has been unlocked and are directed through to the official PayPal page and prompted to log in.
Image: Fake PayPal Phishing page (Source: Bleeping Computer)
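The tell described above is that the form submits to a host other than paypal.com. As an added example (not code from the original article or from the researchers), this Python check extracts every form target from a page and flags those outside the expected domain; the sample page, its hosts and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

EXPECTED_DOMAIN = "paypal.com"  # the brand the page claims to be


class FormActionCollector(HTMLParser):
    """Collects the action attribute of every <form> in a document."""

    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            # A missing or empty action submits to the page's own URL.
            self.actions.append(dict(attrs).get("action") or "")


def host_belongs_to(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def off_brand_form_targets(page_url, html, domain=EXPECTED_DOMAIN):
    """Return resolved form targets whose host is not under `domain`."""
    collector = FormActionCollector()
    collector.feed(html)
    flagged = []
    for action in collector.actions:
        target = urljoin(page_url, action)  # resolves relative actions
        if not host_belongs_to(urlsplit(target).hostname, domain):
            flagged.append(target)
    return flagged


# Constructed sample: a PayPal-branded page served from a look-alike host.
SAMPLE_URL = "http://paypal-login.example/unlock/"
SAMPLE_HTML = """
<html><head><title>PayPal - Unlock your account</title></head><body>
<form method="post" action="collect.php"><input name="card_number"></form>
<form method="post" action="https://www.paypal.com/signin"></form>
<form method="post" action="http://paypal.com.example/collect"></form>
</body></html>
"""

if __name__ == "__main__":
    for target in off_brand_form_targets(SAMPLE_URL, SAMPLE_HTML):
        print("form posts outside paypal.com:", target)
```

The suffix check requires a leading dot, so a host such as `paypal.com.example` is flagged even though it contains the brand name.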
PayPal scams are nothing new, but this particular scam highlights the evolving sophistication that is being used to trick victims into disclosing sensitive information. Users must be extremely vigilant and question the validity of all emails, especially those from unknown sources.
To protect yourself from falling victim to a phishing scam, you should follow the below guidelines.
Despite the increasing sophistication of phishing attacks, there are a number of ways you can protect yourself online. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combatting cyber-crime. Get in touch for further information on how we can help your business.