Hackers have found a way to manipulate PayPal’s email platform to send phishing emails from legitimate email addresses like service@paypal.com. By doing so, they evade security filters, reaching potential victims directly. These emails typically claim that a new delivery address has been established and prompt users to confirm it. When victims call a provided 'help desk' number, they are duped into downloading software that gives hackers access to their devices and bank accounts. The process relies on creating new shipping addresses and utilizing a Microsoft 365 service to circulate phishing messages.
Hackers exploit PayPal's email settings to send phishing emails from a legitimate email address, tricking victims into downloading malware that can access bank accounts.
These phishing emails typically notify victims of a fictitious order, prompting them to confirm a delivery address or contact a 'PayPal help desk' that is actually run by the hackers.
By spoofing the email settings of PayPal, hackers manage to bypass security filters, allowing their malicious messages to land directly in victims' inboxes without detection.
The manipulation process involves creating a new shipping address, receiving confirmation from PayPal, and then using a Microsoft 365 account to automatically forward fraudulent emails to potential victims.
Collection
[
|
...
]