Newly found
Vulnerabilities04/01/08:
PayPal Phishing Attack
We have seen reports of a phishing attack that targets
PayPal users. The attack arrives via an unsolicited email message containing an
HTML attachment. The message indicates that the attachment is a verification
form intended to offer the user protection from fraudulent activity. Users who
open the attachment are instructed to enter their email address and PayPal
password. This information is then sent to an attacker.
We encourage users to do the following to help mitigate the risks:
Install anti-virus software and keep virus signatures up to date.
Do not open unsolicited email messages.