Experts from Malwarebytes warn that many phishing emails are supposed to come from PayPal reach incoming users during the last few days.
Phishing scams that use PayPal's name are not uncommon. However, this time the experts noticed a "flood" of these e-mails. Emails detected by Malwarebytes experts inform recipients of unusual activity on their accounts.
"Recently, we noticed unusual activity in your PayPal account compared to your normal account activity. "Please log in to PayPal to confirm your identity, update your password and security questions", the messages state.
“To protect your account, no one can send or withdraw any amount of money. In addition, no one can close your account, send refunds, no remove any bank accounts, or remove your credit cards.”
Messages contain a link that links to a PayPal phishing website. Cyber criminals report to their victims that they will have to wait for 72 hours to access the accounts. This gives them plenty of time to empty them with their quiet.
Phishing pages are hosted on a large number of domains, and over 500 IP addresses associated with the particular attack.
PayPal customers are also being targeted by a fake e-mail with the title “You have received a new payment!” which are supposed to come from the company's payment processor. According to Webroot, these notifications carry a malware, and more accurately, a variant of the notorious Trojan Zeus Banking.