Menu
Many PayPal lookalike phishing websites taken offline

Many PayPal lookalike phishing websites taken offline

Some were nearly identical copies of PayPal's website, OpenDNS said

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

PayPal has worked to shut down a handful of phishing websites that sought to steal people's login credentials by appearing to be the company's real website, according to a security company.

Many of the sites, which are offline or have been redirected, were nearly identical copies of PayPal's website, which could have fooled some victims into divulging their details, according to OpenDNS, a security company that in part monitors for suspicious domain name registrations.

PayPal has long been a target for fraudsters who for years have registered domain names that try to mimic legitimate PayPal domains or services in order to compromise accounts.

The more convincing phishing sites in this latest batch may have been created using a custom software kit rather than merely copying and pasting code from PayPal's real site, said Andrew Hay, senior security research lead with OpenDNS.

"We have it on good authority from our contacts at PayPal that the kits being used were quite sophisticated when compared to others that they have seen previously," Hay wrote via email.

In two instances, the fraudsters registered the domain names "redirectly-paypal.com" and "security-paypal-center.com" through Wix.com, a Web-based service for creating websites. Both sites are no longer active.

Other suspicious domain names were bought through Enom, a domain name registrar, OpenDNS said in a blog post.

Whether Enom should be watching for such spoof domain accounts is "not really our place to say but we would, however, love for more registrars and hosting companies to proactively monitor domains of this nature to better protect their customers in addition to their own brand," Hay said.

He said OpenDNS is still investigating and was not ready to attribute the spate of attacks to a specific group. That information may be released later, he said.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags OpenDNSsecuritypaypal

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments