Menu
Many PayPal lookalike phishing websites taken offline

Many PayPal lookalike phishing websites taken offline

Some were nearly identical copies of PayPal's website, OpenDNS said

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

PayPal has worked to shut down a handful of phishing websites that sought to steal people's login credentials by appearing to be the company's real website, according to a security company.

Many of the sites, which are offline or have been redirected, were nearly identical copies of PayPal's website, which could have fooled some victims into divulging their details, according to OpenDNS, a security company that in part monitors for suspicious domain name registrations.

PayPal has long been a target for fraudsters who for years have registered domain names that try to mimic legitimate PayPal domains or services in order to compromise accounts.

The more convincing phishing sites in this latest batch may have been created using a custom software kit rather than merely copying and pasting code from PayPal's real site, said Andrew Hay, senior security research lead with OpenDNS.

"We have it on good authority from our contacts at PayPal that the kits being used were quite sophisticated when compared to others that they have seen previously," Hay wrote via email.

In two instances, the fraudsters registered the domain names "redirectly-paypal.com" and "security-paypal-center.com" through Wix.com, a Web-based service for creating websites. Both sites are no longer active.

Other suspicious domain names were bought through Enom, a domain name registrar, OpenDNS said in a blog post.

Whether Enom should be watching for such spoof domain accounts is "not really our place to say but we would, however, love for more registrars and hosting companies to proactively monitor domains of this nature to better protect their customers in addition to their own brand," Hay said.

He said OpenDNS is still investigating and was not ready to attribute the spate of attacks to a specific group. That information may be released later, he said.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitypaypalOpenDNS

Featured

Slideshows

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintained Showcase 2018 momentum in Wellington, hosting more than 40 vendors at TSB Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro maintains Showcase 2018 momentum in Wellington
Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro kickstarted Showcase 2018 in Christchurch, hosting more than 40 vendors at Horncastle Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro launches Showcase 2018 in Christchurch
Data breach notification laws in NZ: How can partners prepare?

Data breach notification laws in NZ: How can partners prepare?

This exclusive Reseller News Roundtable outlined the responsibilities facing security partners today, assessing risk while evaluating the role of the vendor in providing added layers of protection.

Data breach notification laws in NZ: How can partners prepare?
Show Comments