PayPal Notification Of Payment Received – Fake PDF Malware

Fake

PayPal Notification of payment received is another one from the current zbot runs which try to drop cryptolocker, ransomware and loads of other malware on your computer. They are using email addresses and subjects that will entice a user to read the email and open the attachment.

These emails are absolutely identical to the genuine emails that you receive from PayPal when someone sends you money, especially after selling something on eBay . The difference is the link to the transaction goes to a fake site that tries to download a malware file to your computer, that appears to be a PDF.

Almost all of these have a password stealing component, with the aim of stealing your email or FTP ( web space) log in credentials. Many of them are also designed to specifically steal your facebook and other social network log in details.

Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.

email reads:

You’ve Received New Funds!Dear derek@thespykiller.co.uk,This email confirms that you have received a payment for 060.70 GBP from Browning352@moneyworkhere.com

Receipt ID: 2111-7964-4640-4830
The number above is the buyer’s receipt ID for this transaction. Please retain it for your records so that you will be able to reference this transaction for customer service.

View the details of this transaction

PayPal Shopping Cart Contents

Item Name: Post Man Pat, PC Selby Car & Figure
Item Number: 400301809020
Quantity: 1
Total: 060.70 GBP

 

Cart Subtotal: 060.70 GBP
Postage: 14.25 GBP
VAT:
Cart Total: 060.70 GBP

 

Payment Details

Total amount: 060.70 GBP
Currency: British Pounds
Transaction ID: 7HD151924J961211N
Postage and packaging: 14.25 GBP
Postal insurance: 0.00 GBP
Buyer: Kathryn Watts
Buyer’s User ID: kate3282

Postage Information

Address Kathryn Watts 2 Haselmere Close Bury St Edmunds, Suffolk IP32 7JQ United Kingdom
Address status Confirmed

Have you lifted your withdrawal and receiving limits? Just log in to your PayPal account and click View Limits on the Account Overview page.

Yours sincerely, PayPal

Copyright S 1999-2012 PayPal. All rights reserved. PayPal (Europe) S.a r.l. et Cie, S.C.A. Societe en Commandite par Actions Registered Office: 5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118 349PayPal Email ID PP345

And looks like


PayPal Notification of payment received

12 May 2021: PP_detalis_726716942049.pdf.exe ( 485 kb) Current Virus total detections: 0/51

This PayPal Notification of payment receivedis another one of the spoofed icon files that unless you have “show known file extensions enabled“, will look like a proper PDF file instead of the .exe file it really is, so making it much more likely for you to accidentally open it and be infected.

All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email. Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened.

Total
1
Shares
Leave a Reply

Your email address will not be published.

Related Posts