Clever Phishing Scam Uses Legitimate PayPal Messages

Brian Krebs is reporting on a clever PayPal phishing scam that uses legitimate PayPal messaging.

Basically, the scammers use the PayPal invoicing system to send the email. The email lists a phone number to dispute the charge, which is not PayPal and quickly turns into a request to download and install a remote-access tool.

Posted on September 1, 2022 at 7:18 AM3 Comments


Ted September 1, 2022 10:01 AM

I was just reading a book that discusses PayPal’s founding. The company was forced to deal with impactful fraud issues early on. Their Gausebeck–Levchin test would eventually end up being widely adopted by the tech industry and known as a captcha.

PayPal also developed another system called “Igor” named after a fraudster who siphoned off $15 to $20 million. I wonder what new controls PayPal has put in place in response to these phishes.

The 2021 book is “The Contrarian: Peter Thiel and Silicon Valley’s Pursuit of Power.”

lurker September 25, 2022 1:19 AM


• That book vanished from my local library catalog as soon as I placed a reserve, MIA for 3 weeks …

• After reading it, all I can say is “Fascinating!” and lift one eyebrow …

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.