Fortinet warns of a phishing campaign that uses legitimate links to take over victims’ PayPal accounts. The phishing emails inform the intended victim of a payment request, providing legitimate-looking details, such as an amount and transaction ID, and even contain warnings that one would typically find in an email from PayPal. Furthermore, the messages come from a genuine PayPal address and contain a genuine URL. When the victim clicks on the link, they are taken to a legitimate PayPal login page that shows a request for payment. If the user attempts to log in, however, the page automatically links the victim’s PayPal account with the email address of the phisher. The scammer can then take control of the victim’s PayPal account.

Read more: https://www.securityweek.com/paypal-phishing-campaign-employs-genuine-links-to-take-over-accounts/