fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Beware: PayPal Phishing Texts State Your Account Is ‘Limited’

Beware: PayPal Phishing Texts State Your Account Is ‘Limited’

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft.

When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which will put temporary restrictions on withdrawing, sending, or receiving money.

A new SMS text phishing (smishing) campaign pretends to be from PayPal, stating that your account has been permanently limited unless you verify your account by clicking on a link.

“PayPal: We’ve permanently limited your account, please click link below to verify,” the smishing text message reads.

Clicking on the enclosed link will bring you to a phishing page that prompts you to log in to your account, as shown below.

PayPal smishing text and landing page

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

If you log in on the phishing page, the entered PayPal credentials will be sent to the threat actors. The phishing page then goes a step further as it will try to collect further details from you, including your name, date of birth, address, bank details, and more.

Collecting personal information from the victim

The collected information is used to conduct identity theft attacks, gain access to your other accounts, or perform targeted spear-phishing attacks.

Yesterday, two other people I know received these phishing texts, so it is a very active campaign, and everyone needs to watch out for these messages.

Smishing scams are becoming increasingly popular, so it is always important to treat any text messages containing links as suspicious. As with all phishing emails, never click on suspicious links, but instead go to the main site’s domain to confirm if there is an issue with your account.

What should you do if you enter info at this link?

If you received this text and mistakenly logged into your PayPal account or provided other information, you should immediately go to Paypal.com and change your password.

If you use that same password at other sites, change them there as well.

Finally, you should look out for other targeted phishing campaigns using the submitted data. BleepingComputer also suggests that you monitor your credit report to make sure fraudulent accounts are not created under your name.

Also Read: Limiting Location Data Exposure: 8 Best Practices

To prevent identity theft, you can also temporarily freeze on your credit report to stop banks and other companies from issuing credit under your name.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us