Moreover, users are tricked into giving away also their PayPal credentials and payment card details. During a four-step process, the attack asks for the user’s address, payment card data, and a picture of the user holding his ID card. Brought to Bleeping’s attention by security researchers from PhishMe, the fraudster behind this operation relies on spam emails to drive users toward a PayPal phishing page hosted on a compromised WordPress site from New Zealand.
This manoeuvre of asking a user for a selfie while holding his ID card has been in October 2016, when McAfee discovered a version of the Acecard Android banking trojan that was also asking users to take a selfie holding their ID card when logging into their mobile banking accounts.
At the time of writing, the phishing page had been removed, the online publication continues.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now