Menu
Many PayPal lookalike phishing websites taken offline

Many PayPal lookalike phishing websites taken offline

Some were nearly identical copies of PayPal's website, OpenDNS said

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

A handful of convincing phishing sites including this one targeting PayPal have been taken offline, according to OpenDNS.

PayPal has worked to shut down a handful of phishing websites that sought to steal people's login credentials by appearing to be the company's real website, according to a security company.

Many of the sites, which are offline or have been redirected, were nearly identical copies of PayPal's website, which could have fooled some victims into divulging their details, according to OpenDNS, a security company that in part monitors for suspicious domain name registrations.

PayPal has long been a target for fraudsters who for years have registered domain names that try to mimic legitimate PayPal domains or services in order to compromise accounts.

The more convincing phishing sites in this latest batch may have been created using a custom software kit rather than merely copying and pasting code from PayPal's real site, said Andrew Hay, senior security research lead with OpenDNS.

"We have it on good authority from our contacts at PayPal that the kits being used were quite sophisticated when compared to others that they have seen previously," Hay wrote via email.

In two instances, the fraudsters registered the domain names "redirectly-paypal.com" and "security-paypal-center.com" through Wix.com, a Web-based service for creating websites. Both sites are no longer active.

Other suspicious domain names were bought through Enom, a domain name registrar, OpenDNS said in a blog post.

Whether Enom should be watching for such spoof domain accounts is "not really our place to say but we would, however, love for more registrars and hosting companies to proactively monitor domains of this nature to better protect their customers in addition to their own brand," Hay said.

He said OpenDNS is still investigating and was not ready to attribute the spate of attacks to a specific group. That information may be released later, he said.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags OpenDNSsecuritypaypal

Featured

Slideshows

Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Reseller News ICT Industry Awards 2017 - Meet the winners...

Reseller News ICT Industry Awards 2017 - Meet the winners...

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established and emerging partners on a memorable night in Auckland.

Reseller News ICT Industry Awards 2017 - Meet the winners...
Show Comments