Security News

PayPal-themed phishing kit allows complete identity theft
2022-07-14 10:20

By misusing the PayPal logo and general design, the phishing kit leads users through a set of pages and forms aimed at collecting information that can later be used to steal the victims' identity and perform money laundering, open cryptocurrency accounts, make fraudulent tax return claims, and much more. The attackers using the kit are targeting legitimate WordPress sites.

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users
2022-05-23 04:02

A security researcher disclosed details of a clickjacking attack demonstrated against PayPal that could be exploited to steal victims' account balances in a single click. "But during my deep testing, I found that we can pass another token type, and this leads to stealing money from [a] victim's PayPal account."

TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
2022-02-16 22:34

Cyberattackers are targeting 60 different high-profile companies with the TrickBot malware, researchers have warned, with many of those in the U.S. The goal is to attack those companies' customers, according to Check Point Research, which are being cherry-picked for victimization. The TrickBot malware was originally a banking trojan, but it has evolved well beyond those humble beginnings to become a wide-ranging credential-stealer and initial-access threat, often responsible for fetching second-stage binaries such as ransomware.

Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts
2021-09-29 13:55

Cybercriminals are using Telegram bots to steal one-time password tokens and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found. Threat actors are using Telegram bots and channels and a range of tactics to gain account information, including calling victims, and impersonating banks and legitimate services, researchers said.

Dark web prices drop for credit cards but soar for PayPal accounts
2021-09-08 18:26

A new report from consumer website Comparitech looks at dark web selling prices for credit cards and PayPal accounts in particular. Credit cards are sold on the dark web either as digital items or physical clones of real cards.

ACI Worldwide partners with PayPal to bring digital wallet payment options to its biller clients
2021-08-17 00:00

ACI Worldwide announced a collaboration with PayPal to bring digital wallet payment options to ACI's biller clients like Monroe County Water Authority. PayPal and Venmo will be integrated with ACI Speedpay, giving consumers more options to make bill payments conveniently and securely using the digital methods that suit them best.

Twitter Tip Jar may expose PayPal address, sparks privacy concerns
2021-05-07 13:11

Twitter 'Tip Jar' may expose your PayPal shipping address. "For now, a limited group of people around the world who use Twitter in English can add Tip Jar to their profile and accept tips."

PayPal announces Checkout with Crypto
2021-03-30 12:07

Available at millions of global online businesses and continuing to expand over the coming months, PayPal customers with cryptocurrency holdings in the U.S. will be able to choose to check out with crypto seamlessly within PayPal at checkout. "As the use of digital payments and digital currencies accelerates, the introduction of Checkout with Crypto continues our focus on driving mainstream adoption of cryptocurrencies, while continuing to offer PayPal customers choice and flexibility in the ways they can pay using the PayPal wallet," said Dan Schulman, president and CEO, PayPal.

Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple
2021-02-10 13:49

These installers-such as Python Package Index for Python or npm and the npm registry for Node-are usually tied to public code repositories where anyone can freely upload code packages for others to use, Birsan noted. Birsan decided to answer this question last summer while attempting to hack PayPal with another ethical hacker, Justin Gardner, who shared with him "An interesting bit of Node.js source code found on GitHub," Birsan said.

Beware: PayPal phishing texts state your account is 'limited'
2021-01-03 12:58

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to "Limited," which will put temporary restrictions on withdrawing, sending, or receiving money.