Phishing attacks are one of the most common ways used to hack people. But it is definitely weird to it being used openly like on your Twitter timeline as a Twitter ad. Yes. There’s a PayPal phishing scam on Twitter as a promoted tweet and we ask you to beware of it.
This is a report from TheNextWeb says the account of the supposed promoted tweet looks quite legitimate.
The account (now deleted) reported by TheNextWeb was “@PaypalChristm”. The tweet circulating the phishing attack was a promoted post.
The account, @PaypalChristm, claimed to be a genuine Paypal account which is obviously untrue taking a look at the username. This account was promoting an end of year game of chance event.
It didn’t say what prizes were at stake to be won. But it showed the scene of an iPhone and a new car.
To join in and have a chance of winning, all you had to do is to verify your PayPal account. Don’t get your hopes high yet, this was a scam!
Clues revealing it was a fake PayPal promotion
A couple of obvious hints give the @PaypalChristm away that is was a fake account. One, the URL had a misspelling of “PayPal”. It spelled
PayPal as “paypall”. (Notice the double “L”)
Two, the account was not a verified account. It also had just about 100 followers.
Also, the photo on the promoted tweet was not in line with the PayPal’s professional way of advertising. It looked really unprofessional and too low to be coming from an established company.
Now, going through link you get to the supposed PayPal login page. The page looked quite legitimate but don’t let it fool you. That’s how phishing attacks work. They make the fake login page just like that of the site they are impersonating. The link didn’t have a secure layer which HTTPS, with emphasis on the “S” meaning “secure”. That is obviously not a financial website!
After logging in, obviously with a fake credentials, there comes another PayPal clone page. This page now asks you to confirm your credit card details.
These identity thieves are really pumped up to steal credential from PayPal’s users.
Nowadays, such scams even overtake verified Twitter accounts to do their bidding. Or they can modify accounts to look like that’s the accounts of popular people, maybe a celeb and use that.
Currently, there are such scams floating all over, although Twitter is doing its best to clamp them down. We caution you to be extra careful since these “phishers” have really upped their game.