A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and … a selfie of the user holding his ID card. Brought to Bleeping Computer’s attention by security researchers from PhishMe, the crook behind this operation relies on spam emails to drive users toward a PayPal phishing page hosted on a compromised WordPress site from New Zealand. At the time of writing, the phishing page had been removed, but following a classic pattern for phishing sites, users arriving on this page were asked to log in with their PayPal credentials.
ORIGINAL SOURCE: Bleeping Computer
The post PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card appeared first on IT SECURITY GURU.
from PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card