A common anti-phishing tactic might not protect you anymore. Spammers are getting craftier with how they can capture and steal your data. Fraudsters in these particular attacks are using JavaScript to send users to a legitimate PayPal site while sending their credentials to a different domain that hosts a phishing page:
“The javascript runs as soon as the page (HTML attachment) is loaded and intercepts all posts to PayPal.com and diverts them to the actual phishing page to accept all your details, if you are unwise enough to fall for this trick.”
So other than being fooled into clicking on what seems like a legitimate link, just go directly to the website and ensure you have two-step verification enabled. So far, this is your surest bet to not be sucked down the rabbit hole of a phisher.
Leave a Reply