Solana PayPal Invoice Scam

    Solana PayPal Invoice Scam
    Shutterstock

    Recently we have been tracking a series of PayPal-based invoice scams, in which fraudsters are emailing invoices via PayPal to would-be victims. This week’s example has been utilizing the Solana blockchain as its disguise. As seen below, the invoice contains a large, fictional payment that is intended to alarm the recipient.

    Solana PayPal Scam_Invoice_20220930
    PayPal invoices. Source: Reddit

    How the Solana PayPal Invoice Scam Works

    Alongside the communication is a phone number that the victim is asked to contact in order to dispute the pending charge. This scam is highly effective in its social engineering strategy as the email is, after all, a legitimate one that does come from PayPal directly. Thus the whole incident is lent a smokescreen of persuasiveness. Victims who call the number to dispute the charge will be put into direct contact with the scammers. At this point, there will be several scam attempts open to the scammer, for example:

    • requesting personal information to authenticate your account;
    • requesting that the individual downloads necessary software such as administrative tools;
    • requesting that the victim visits the website, “globalquicksupport[.]com”;
    • and even requesting direct control of the user’s device.

    In response to these scams, PayPal has stated:

    “We are aware of this well-known phishing scam and have put additional controls in place to mitigate this specific incident. Nonetheless, we encourage customers to always be vigilant online and to contact Customer Service directly if they suspect they are a target of a scam.”

    So to summarize, be wary of any unexpected/unauthorized charges that come in via email — even if the email itself comes from a legitimate company such as PayPal. NEVER click on links or call numbers — and when in doubt, contact the relevant company directly.

    Protect Yourself with ScamCheck

    • Double-check people’s contact details — and URLs.
    • Reach out to official websites and support pages directly for help if in doubt.
    • NEVER use links or buttons from unknown sources! Use Trend Micro ScamCheck to detect scams with ease: Trend Micro ScamCheck is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

    After you’ve pinned the ScamCheck extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).

    TMC_CTA_Extension_2022

    You can also download the ScamCheck mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).

    TMC_CTA_Mobile_2022

    Check out this page for more information on ScamCheck.

    Given you’ll be required to enter personal information on these kinds of platforms, ID Security will also ensure you’re never the victim of a data breach.

    And as ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.

    Post a comment

    Your email address won't be shown publicly.

    0 Comments

      This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.