ONLINE PAYMENT SERVICE Paypal has been the victim of a sophisticated phishing attack, according to the US Computer Emergency Readiness Team (US-CERT).
The attack, which is also being used to target Bank of America, Lloyds and TSB, is sent as part of an HTML attachment with unsolicited emails claiming to be legitimate.
The key difference between this attack and similar phishing attempts is that it locally stores the phishing webpage, rather than redirecting the user to a specific URL, which can be caught by anti-phishing measures built into many popular web browsers. Storing the website locally allows the attack to completely bypass browsers' anti-phishing defences.
US-CERT recommends that users be extra cautious online, particularly with personal information. It suggests that users should not open links and attachments in unsolicited emails, and should also attempt to verify that the email is legitimate by contacting the organisation in question or logging in directly through official websites only. µ
Breach occurred in 2016 but took two years to travel into Orbitz's view
Company even manages to make social engineering duller than it already is
Work on the 'specialist' facility is set to begin 'within weeks'
Weibo leak claims upcoming flagship will go on sale for $749