Fresh phish! Stripe scam baked and delivered in under an hour

2020-03-02 12:24

For anyone who is a Stripe user - even if they haven't logged in for a while - the email seems pretty genuine.

OK, the button didn't head to a Stripe domain, but the link didn't look particularly out of place, either - it was an HTTPS link to a regular-looking.com domain.

In the screenshot above, the crooks were claiming that someone had connected to "Our" Stripe account from Tbilisi, Georgia, but the IP database we used tells us that the IP this imaginary person came from is allocated to the UK:. $ ip2country 81.76.112.92 Loading data...OK. 81.76.112.92 GB $. GeoIP data is often wrong, so even if you did check up like we did, you might not trust the result.

So you already know where to go - either using your regular browser bookmark, or via the Stripe app - to check up on your account.

We don't know if you spotted it, but if you look really closely at the subject line, you'll notice that the letter i in the words signed and Stripe isn't actually an i at all.

News URL

https://nakedsecurity.sophos.com/2020/03/02/the-stripe-account-phish-that-unfolded-in-under-an-hour/

#phish #scam