In this section

• Home
• Security
• SophosLabs blog
• 2007
• 09

• Analyses
• SophosLabs
• SophosLabs blog
• Spyware and adware
• Top 10 malware
• Hoaxes
• Technical papers
• Email notification
• Best practice
• White papers
• Web seminars
• Podcasts
• Hot topics

26 September 2007 22:40 GMT

IRS = PayPal?

Today SophosLabs observed a typical PayPal phishing email which I found rather amusing. At first glance it seems to be your usual phishing attempt, where they claim they’re trying to do you a service due to a potential security risk where someone in another country tried signing in as you. They ask you to login via a link to verify your account, which is a site mirrored to look like the PayPal site. That’s the same old thing, no big surprises. What was funny though was the Internal Revenue Service (IRS) in the From header, where it seems the person sending out this phish email got their campaigns confused and forgot to change it to the PayPal address.

After doing a bit of digging around, I found this news article on the official IRS website which is just from last week. If I were a betting man I’d say the people behind this PayPal phishing campaign are the same people behind the IRS scam.

Onur Komili, Analyst, SophosLabs, Canada

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot