
Holiday Phishing Campaigns Target PayPal & Amazon Customers

During this time of the year, holiday shopping can mean it’s harder for people to keep track of their online transactions and accounts - a disordered state of being that criminals are taking advantage of through phishing campaigns that target popular payment and ecommerce websites.

PayPal Phishing Campaign

A new phishing campaign has recently been found targeting consumers via PayPal. As reported by Malwarebytes, the PayPal phishing email plays on the emotions of targets, creating a false sense of urgency by claiming that your recent transaction cannot be verified.

The email message claims to confirm that the user has changed their password, and says the sender has noticed some changes to the user’s selling activities that will require information verification. Once a user clicks on the link, they’re led to a spoofed PayPal website, titled “Resolution Center,” that asks for personal information, credit card numbers and extensive banking information.

[Image: Verify ID on PayPal. Source: HackRead]

The scam goes even further, asking the user to upload documents to verify their identity, including a passport, identity card or driver’s license, according to HackRead. If you’re giving that much information away, it’ll be much harder to detect identity fraud right away - compared to a stolen credit card number, which can be potentially flagged and stopped by your bank.

If you're on Chrome, Google has already flagged the fake login link used in this scam as a potentially dangerous site. Check the browser address bar for the verified green signature (lock icon) to ensure the page is legitimate.

PayPal provides information on phishing and suspicious emails, and a way for people to report suspected fraud on their website.

Amazon Phishing Campaign

In November, the Better Business Bureau reported on a phishing scam that impersonated Amazon.com. The message claimed that they could not confirm the address associated with your Amazon account.

[Image: Amazon Scam. Source: BBB]

The message also stated that Amazon had disabled login access, and required action from the user to verify account information and re-enable access to their account - urging the user to click on the link in the email, which doesn’t lead to Amazon.com but rather a third-party site that could be hosting malware.

Amazon provides a security and privacy page on identifying emails or webpages from Amazon, as well as providing an email address to report suspicious URLs or emails - stop-spoofing@amazon.com. Check out the page linked above for instructions on how to do so.

Yet another Amazon phishing scam, as reported on Twitter, was spotted urging customers to call into tech support.

What to Look Out For

Slow down and pay attention to email messages to avoid clicking on or giving away sensitive information. Beware of any urgent calls to action related to your transactions or account information - this type of messaging plays on the reactive emotional response of a user to get information from them quickly.

Don’t click on links within the email - type the website URL into your address bar manually or use a search engine to locate the webpage. Check for https:// and a verified lock icon in your address bar, but don’t use this as the single indicator of security: it doesn’t always mean 100% assurance, as new phishing tactics from this summer have shown.
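The link checks described above can be automated for mail you want to triage. The sketch below is an added example, not part of the original article: the brand-to-domain list, the urgency phrases and the sample messages are constructed assumptions, and the `.example` hosts are placeholders. It compares every link host against the brand's real domain on a dot boundary, and shows why https alone proves nothing about who runs the site.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains each brand really links to (constructed allow-list).
BRAND_DOMAINS = {"paypal": ("paypal.com",), "amazon": ("amazon.com",)}
# Constructed urgency phrases modelled on the lures the article describes.
URGENCY = ("cannot be verified", "could not confirm", "disabled login")

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def host_matches(host, domains):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def review_email(brand, html_body):
    """Return findings for an email that claims to come from `brand`."""
    findings = []
    parser = LinkCollector()
    parser.feed(html_body)
    for href in parser.hrefs:
        url = urlsplit(href)
        if not host_matches(url.hostname, BRAND_DOMAINS[brand]):
            findings.append(f"off-brand link host: {url.hostname}")
        if url.scheme != "https":
            findings.append(f"link is not https: {href}")
    lowered = html_body.lower()
    findings += [f"urgency phrase: {p}" for p in URGENCY if p in lowered]
    return findings

# Constructed samples. The first host starts with the brand name but is not
# a subdomain of paypal.com; the second uses https on an unrelated host.
PAYPAL_LURE = ('<p>Your recent transaction cannot be verified.</p>'
               '<a href="http://paypal.com.resolution-center.example/login">'
               'Log in to PayPal</a>')
AMAZON_LURE = ('<p>We could not confirm the address on your account.</p>'
               '<a href="https://amazon.com-account.example/verify">Verify</a>')
LEGIT = '<p>Receipt</p><a href="https://www.paypal.com/myaccount">View</a>'

if __name__ == "__main__":
    for brand, body in (("paypal", PAYPAL_LURE), ("amazon", AMAZON_LURE)):
        print(brand, review_email(brand, body))
```

An empty result does not prove a message is genuine; it only means none of these specific checks fired.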

Protecting Against Account Breaches and Malware

Aside from what to look out for, you can proactively protect against account breaches caused by phishing attempts by turning on two-factor authentication (also sometimes referred to as ‘two-step verification,’ ‘multi-factor authentication’ or ‘2FA’ for short) for all of your online accounts, especially any tied to your financial or personal information.

A second factor of authentication (preferably via an authentication method that isn’t SMS-based, if that’s an option) can stop criminals from logging into your account remotely using only a stolen password. Check out How to Add Two-Factor Authentication to Your Amazon Account With Duo Mobile.

In addition to protecting against unauthorized logins from stolen passwords, you can better protect your devices against malware infection caused by clicking on links and visiting malicious websites by keeping your software up to date - that means running operating system, browser, plugin and other application updates as soon as they’re available. The more up to date your system is, the less likely it is to be compromised by malware that seeks out weaknesses in old software to exploit.


Thu Pham

Information Security Journalist

@Thu_Duo

Thu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo, Thu covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.