Overview
A widespread phishing campaign impersonating PayPal is targeting users with fake account suspension emails. These emails contain links to convincing replica websites designed to steal login credentials.
Expert Analysis
GetCyberRight Analyst Assessment
This analysis was prepared by our security team based on verified threat intelligence and official sources.
This campaign uses sophisticated email templates that closely mimic legitimate PayPal communications. The phishing domains use SSL certificates to appear secure and employ URL obfuscation techniques. The campaign has been active across multiple regions with emails localized in several languages.
Indicators of Compromise
domain
paypal-verify-account.comKnown phishing domain
email
Various sender addresses mimicking PayPalSpoofed sender
What You Should Do
1
Do not click links in emails claiming to be from PayPal
2
Log in to PayPal directly by typing paypal.com in your browser
3
Forward suspicious emails to [email protected]
4
Enable two-factor authentication on your PayPal account
5
Check your account activity for unauthorized transactions