SECURITY ALERT: Phishing scam targets PayPal accounts

CSIT has discovered and received confirming reports from numerous faculty, staff and students of a phishing scam which targets PayPal accounts holders.  The message appears to originate from either of two compromised SM论坛 accounts.

The phishing scam arrives with the subject 鈥淧aypal update鈥� and although the sender email address is undisguised and clearly an SM论坛 account.  The message body claims that the PayPal has updated their servers鈥� to improve security of accounts and demands that the recipient follow an embedded link labeled 鈥淰erify Now鈥� in order to 鈥渧erify鈥� their logon information.  The message goes on to claim that their account will be closed is not verifies within 48 hours.  It is signed 鈥淚nformation Technology, Paypal Services, Information Security, Policy & Compliance.鈥�

THIS IS A SCAM.  The embedded URL in the message leads to a faked logon page.  This particular scam is being perpetrated by the same scammers responsible for the phishing scam detailed in today鈥檚 previous security alert.  The fake logon pages for both are hosted on the same server.

CSIT has taken steps to re-secure the compromised accounts used to send these phishing messages, blocked the target site and will do what we can to remove the messages from SM论坛 Inboxes.  Should you find one of more instances of this message in your SM论坛 Inbox, please DO NOT follow the embedded link and delete the message immediately.  If you have already followed the link in the message AND entered your credentials, then recommend immediately changing your PayPal account password.