New Ransomware Tries To Steal PayPal Credentials
Until now, ransomware has been known for encrypting data and forcing victims to pay a ransom. But security experts have detected a new ransomware that is designed to steal PayPal credentials. The ransomware is still in the development stage, but according to the report it is very effective. Where other ransomware gives victims a ransom note and wants them to pay the ransom in Bitcoin, this ransomware provides an option to pay the ransom via PayPal. Such attacks show how cyber criminals keep updating their methods with each passing year. The main motive of this scam is to gain access to the user's login and password for the PayPal account and then steal the credentials stored in it.
Technique Used In This Ransomware PayPal Phishing Scam
First of all, like other file-encrypting threats, this ransomware encrypts the victim's files after secretly getting into the system. After that it displays a ransom note, just like other ransomware. But instead of offering only the option to pay the ransom in Bitcoin, this phishing ransomware also allows users to pay the ransom via PayPal. The ransomware uses a well-designed phishing page which looks like the legitimate PayPal payment page. If the victim chooses to pay the ransom via PayPal and clicks the 'Buy Now' button, they are rerouted to the phishing page, which looks convincing because it is similar to the real one. Like the legitimate PayPal page, it also asks victims to provide payment details, which include:
- Payment card holder’s name
- Debit or credit card number
- Expiry date of the payment card
- CVV number and the password
Once the victim provides their payment details, the obtained data is sent to the phishing webpage http(:)//ppyc-ve0rf(.)890m(.)com/s2(.)php. After that, the phishing webpage asks the user to provide personal information such as their address. Once the victim has submitted all the information asked for by the fraudulent page, they get a message that their account has been unlocked. The victim is then rerouted to the official PayPal login page. Needless to say, once the hacker gets access to the account, they can easily wipe out all the credentials.
Recommendations Made By Cyber Security Researchers
Prevention is always better than cure, and users are advised to follow every preventive measure that helps them protect their account. Here are some security steps recommended by cyber security researchers that help users keep their online accounts safe:
- Always be cautious. Most experts ask users to be cautious while logging in to any web page. If anything appears suspicious, stop and do not go any further.
- It is necessary to examine a webpage, especially when it is related to your online banking or a similar site. Users are advised to verify the authenticity of the web page before submitting credential details.
- Last but not least, experts recommend that users not provide any information to a webpage if the URL looks suspicious or if the content does not match. It may be a phishing page designed with the motive of collecting credentials and other information.
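
The URL check recommended above, written out as an added example (it is not code from the original report): a Python helper that accepts a payment page only when its host is paypal.com or one of its subdomains and the page is served over HTTPS. The function names and the expected-domain constant are assumptions made for this illustration, and the sample URLs are constructed, except for the defanged address quoted earlier on this page.

```python
from urllib.parse import urlsplit

EXPECTED_DOMAIN = "paypal.com"  # assumption: the site the user intends to reach


def refang(indicator: str) -> str:
    """Undo the defanging style used on this page: '(.)' -> '.', '(:)' -> ':'."""
    return indicator.replace("(.)", ".").replace("(:)", ":")


def check_payment_url(url: str, expected: str = EXPECTED_DOMAIN) -> tuple[bool, str]:
    """Return (ok, reason). Only the host and scheme decide, never the page's look."""
    try:
        parts = urlsplit(refang(url).strip())
        # .hostname drops any 'user@' prefix and port, and is already lowercased
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "URL cannot be parsed"
    if not host:
        return False, "no host in URL"
    # Non-ASCII or punycode labels can imitate Latin letters (look-alike domains)
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized host, possible look-alike"
    if host != expected and not host.endswith("." + expected):
        if expected.split(".")[0] in host:
            return False, "brand name in an unrelated host"
        return False, "host is not " + expected
    if parts.scheme != "https":
        return False, "not served over HTTPS"
    return True, "host belongs to " + expected


if __name__ == "__main__":
    samples = [
        "https://www.paypal.com/signin",              # constructed
        "http(:)//ppyc-ve0rf(.)890m(.)com/s2(.)php",  # defanged, from this page
        "https://paypal.com.evil.example/login",      # constructed
        "https://www.paypal.com@evil.example/",       # constructed
    ]
    for sample in samples:
        print(sample, "->", check_payment_url(sample))
```

The check never contacts the URL; it only parses the string, so it is safe to run on suspicious links copied from a ransom note or e-mail.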