PayPal Shuts Down Several Copycat Phishing Sites
Cyber criminals often create lookalike sites for popular payment processors and financial institutions in an effort to steal a person’s login information and then hack into that account. PayPal has recently worked to take several of these phishing websites offline to protect unsuspecting customers.
The latest websites to be removed from the web were nearly identical to PayPal’s main website, due to the development of new software kits on the market.
“We have it on good authority from our contacts at PayPal that the kits being used were quite sophisticated when compared to others that they have seen previously,” Andrew Hay, senior security research lead for the security company OpenDNS, told PC World.
The new software allows fraudsters to not only copy and paste codes from the original website, but also customize the codes to create a fluid user experience. Savvy coders could then create a site that matched PayPal’s website on almost all accounts, making it even easier for them to fool people into giving out their account information.
Two of the now inactive phishing sites include Security-PayPal-Center.com and Redirectly-PayPal.com. Both of the domains were registered through Wix.com. Other suspicious domain names are now registered through Enom, even though they have not resulted in phishing sites yet.
Hay said that OpenDNS and other security firms would “love for more registrars and hosting companies to proactively monitor domains of this nature to better protect their customers in addition to their own brand.” Until then, PayPal and other financial service providers will continue to find and take down the sites that aim to harm their users.