[Alert] Trend Micro’s Name Used in PayPal Phishing Scams

    [Alert] Trend Micro’s Name Used in PayPal Phishing Scams
    Shutterstock

    We have been tracking a series of PayPal-based invoice scams for a while now, in which fraudsters are emailing fake invoices via PayPal to would-be victims. For example, see this crypto-related PayPal scam we reported on in October. Now, in a particularly egregious scam attempt fraudsters are using the good name of Trend Micro in their schemes. As seen below, the invoice contains a large, fictional payment that is intended to alarm the recipient.

    Scam Alert_Trend Micro LLC PayPal Scam_Sample scam emails sent via PayPal_20221215
    Scam Alert_Trend Micro LLC PayPal Scam_Sample scam emails sent via PayPal_2_20221215

    Sample scam emails sent via PayPal

    How the Trend Micro LLC PayPal Invoice Scam Works

    In the email’s text is a phone number that the would-be victim is asked to contact in order to dispute the pending charge. This scam is highly effective in its social engineering strategy as the email is a legitimate one that does come from PayPal. Because of this, the scam attempt is lent a smokescreen of persuasiveness.

    Victims who call the number to dispute the charge will be put into direct contact with the scammers. At this point there will be a few routes the scammer can take, for example:

    • requesting personal information to authenticate the account;
    • requesting that the individual downloads necessary software such as administrative tools;
    • requesting that the victim visits the website, “anydesk[dot]com”;
    • and requesting direct control of the user’s device.

    4 Red Flags You Should Be Aware Of

    Although most of these emails do come from PayPal, there are still red flags:

    1. Requester:
      A PayPal email following a legitimate purchase with a large company like Trend Micro will definitely NOT be sent as a money request from a random individual.
    2. Scare tactics:
      Notice also how the quoted text (which is a copy & paste job) immediately claims the payment made was “unauthorized” in order to scare you. Likewise the 24hr deadline — a classic social engineering tactic to pressure victims.
    3. Phone numbers:
      Don’t call the numbers listed in the email, go to the official site. There are several different phone numbers provided in these emails — for a large company however, there will be just one dedicated phone number per issue / per location.
    4. Odd layout:
      The scam attempt below is easier to spot as the whole thing is fake — including the “PayPal” email. Notice the odd word choice (“didn’t witness”), as well as poor layout and a different font.
    Scam Alert_Trend Micro LLC PayPal Scam_2_20221215
    Sample scam email

    What You Can Do

    At present we have around ten confirmed reports of this scam attempt — our thanks to those who have reported the emails to us at tmsupport@fraudbuster.trendmicro.com. It is these lines of communication which will help combat such scam attempts and keep consumers secure.

    PayPal also encourages users to forward suspicious emails to phishing@paypal.com, where their security experts can determine fakes — and shut down the source of the email. Consumers can also report scam attempts to the Better Business Bureau, where reports and transcriptions will be posted, as seen below.

    Scam Alert_Trend Micro LLC PayPal Scam_BBB Scam tracker_20221215
    Source: BBB

    What Will a Legitimate PayPal Email from Trend Micro Look Like?

    Scam Alert_Trend Micro LLC PayPal Scam_PayPal email following a real purchase_20221215
    PayPal email following a real purchase

    This is what an authentic PayPal email will look like following a legitimate purchase with Trend Micro:

    • Note that there is no nonsense story from a random individual. We work with Digital River, so the payment will be made to “Digital River Ireland Ltd”, NOT “Trend Micro LLC”.
    • There is no 24hr time limit to dispute.
    • There is also far more detail about the payment.

    Trend Micro LLC PayPal Invoice Scam: In Summary

    To summarize, be wary of any unexpected/unauthorized charges that come in via email — even if the email itself comes from a legitimate company such as PayPal. NEVER click on links or call numbers on the email— and when in doubt, contact the relevant company directly.

    We would also encourage users to continue forwarding suspicious emails to us at tmsupport@fraudbuster.trendmicro.com — particularly if it involves Trend Micro’s name.

    In response to this type of scam, PayPal has previously stated:

    “We are aware of this well-known phishing scam and have put additional controls in place to mitigate this specific incident. Nonetheless, we encourage customers to always be vigilant online and to contact Customer Service directly if they suspect they are a target of a scam.”

    Scam Alert_Trend Micro LLC PayPal Scam_Phone screenshots of sample emails_20221215
    Scam Alert_Trend Micro LLC PayPal Scam_Phone screenshots of sample emails_2_20221215

    Phone screenshots of sample emails

    Protect Yourself with Trend Micro Check

    NEVER use links or phone numbers from unknown sources! Use Trend Micro Check to detect scams with ease: Trend Micro Check is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

    After you’ve pinned the Trend Micro Check extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).

    TMC_CTA_Extension_2022

    You can also download the Trend Micro Check mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).

    TMC_CTA_Mobile_2022

    Given you’ll be required to enter personal information on these kinds of payment platforms, ID Security will also ensure you’re never the victim of a data breach. Lastly, check out this page for more information on Trend Micro Check.

    If you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected — and consider providing a comment or like below. Stay safe, folks!

    Post a comment

    Your email address won't be shown publicly.

    0 Comments