A new email scam has hit the internet, mostly targeting PayPal users in a bid to install malware on their computers and phones.
The malicious email is disguised to look like an official communication from PayPal, and even appears to be sent from the address ‘firstname.lastname@example.org’.
According to technology experts, the malware only hits Windows machines, with Mac, iPhone and Android users unaffected by the virus — even if they open the fraudulent email.
Users who open the email, which is often sent with the subject line ‘PayPal account warning’, are prompted to open an attached Word document laced with malware.
“To protect your funds, verify please your account data. It will let us approve your post address and personal data. Also we strongly recommend to keep passwords and login data, in the safe place,” reads the scam mail in part.
“To make your account information verified, please fill and send the next form via e-mail or via post. If you will not react on this notification, we will be forced to temporarily block your online services until you won’t verify your account information,” the fraudulent email concludes.
There are a number of different variations of the PayPal scam currently being circulated online, according to security blog, My Online Security.
In one example of the malicious correspondence, the email reads. “Greetings, dear Client! We noticed a lot of frauds performed by machinations with online services of the accounts of our clients.
“Attackers obtain access to accounts by stealing login data and passwords, this may be very dangerous for your funds and our reputation, so we are asking you to perform some actions, in order to prevent fraud.”
This comes a few days after PayPal locked accounts belonging to Kenyan users connected to Safaricom’s Mpesa, in what was seen as the escalating cases of SIM swap fraud.
Do you have a story you want told? Do you know of a sensitive story you would like us to get our hands on? Email your news TIPS to email@example.com