Fake PayPal Emails Distributing Malware

leadership team img1

By Michelle Drolet

Founder & CEO

Ms. Drolet is responsible for all aspects of business for Towerwall. She has more than 24 years of,

Read More

Everyday there is a new threat with seemingly innocent emails being sent out that look close to an official correspondence from a company, from Paypal, ADP and BBB – to name a few.
Cybercriminals are mimicking the online payment processor PayPal in a malicious spam campaign that attempts to dupe customers into downloading malware from links in seemingly authentic emails, according to a Webroot report written by Dancho Danchev.
The piece of malware in use here is a backdoor that, once downloaded, can be used by an attacker to take complete control of the infected host machine. Danchev writes that some 90 percent of antivirus scanners are detecting the download as ‘backdoor.win32.androm.fm.’
The email that Danchev analyzed can be seen below.

This isn’t by the first time PayPal users have been targeted in malicious campaigns. In fact, customers of the payment processor have been a popular target among phishers for years now. For its part, PayPal has done what it can. They implemented a bug bounty program earlier this year and at least try to educate customers about the dangers of social engineering. However, the reality is that it is almost impossible to prevent criminals from imitating their service, so this problem is not likely to go away any time soon.