Hackers are getting very creative these days; so creative, in fact, that their attacks are now multi-leveled. A new two-for-one ransomware and PayPal phishing malware has been discovered, and it’s a little scary.
Ransomware and PayPal Phishing – Two for One Attack
Ransomware and PayPal Phishing Attack – The Full Story
We’ve all heard about ransomware, it’s a type of malware that encrypts your files until you pay the attacker a sum of money. Usually, the attacker demands payment in cryptocurrency, since it makes it difficult for someone to trace the transaction back to any individual.
Now, MalwareHunterTeam discovered a new malware, still in development, that combines ransomware encryption with a regular phishing attack. The malware in question goes after a victim’s PayPal account. As with any typical ransomware, your data gets encrypted and you end up with a pop-up telling you that your files have been encrypted and asking you to pay the ransom.
Something new: A ransom note that direct victims to a PayPal phishing page… Clicking on the Buy Now button, it directs to the credit card part of the phish already (so the login part is skipped). After filling & clicking Agree comes the personal info part & then finished… pic.twitter.com/NR8HEKsC0b
If the victim decides to try the PayPal payment route, they’ll be directed to a phishing site that does a great job of mimicking PayPal. After a victim puts his PayPal information, he or she will be directed to another site that asks for the address and other personal information of the target. When all of that process is done, the victim is once again redirected to the actual PayPal login page.
By then, the attacker would already have the victim’s credentials and PayPal account.
How to Protect Yourself From the Ransomware and PayPal Phishing malware
Similar to other malware, the way to stay protected from ransomware is to have preventative measures put in place beforehand. Now, with other types of malware, you can use anti-malware software to catch the malware after it infects your device. However, with ransomware, that’s a little difficult to do. Ransomware basically locks you out of your device, encrypting your data and limiting what you can do. Downloading anti-malware is definitely not an option by then. In other words, you need to already have protective measures in place ahead of time. Here are a few tips that you should follow:
Use Anti-Malware. Always use good anti-malware software to protect your devices from being infected. Make sure you update your anti-malware as soon as an update is available to stay on top of all of the new malware that’s coming out.
Forget Free Software. There is no such thing as free software (note: free does not mean open-sourced). There has to be a payload somewhere, and if it’s not your money then it’s your data. Only download software from credible and trusted developers.
Use a VPN. Encrypt your data and secure your connection with a Virtual Private Network. This is an added level of security that you need to have. For the best use of your VPN, think about installing it on your router to protect all of your devices. A VPN also secures your online payments, in fact, we have a whole review of the best VPNs for PayPal that I really suggest you look at. I suggest you use a credible and trusted VPN provider, like ExpressVPN, to guarantee a good VPN experience.
Ransomware and PayPal Phishing Malware – Final Thoughts
Every day, it gets more apparent that a person cannot be an uninformed internet user anymore. One thing that truly makes a difference when it comes to your online security is knowing what’s out there. Make sure to implement all the security measures you need. This new malware has yet to claim any victims, at least any that we know of, but it is a good indication of what kind of malware the world will soon be dealing with. In other words, it’s better to be safe than sorry.
A reader, writer, and avid internet user. Hiba has spent the better part of her adult life looking for ways to have a safer and more user-friendly online experience, all while praising the uses of VPN connections to anyone who would listen.