Bots Deployed to Attack PayPal Accounts

When a PayPal account has been breached, a lot can be at stake as the threat actors would have access to their victim’s addresses, dates of birth, social security numbers, tax identification numbers, transaction histories, and even access to a victim’s credit card details linked to PayPal.

"We have no information suggesting that any of your personal information was misused as a result of this incident, or that there are any unauthorised transactions on your account," reads PayPal's notification to impacted users.

"We reset the passwords of the affected PayPal accounts and implemented enhanced security controls that will require you to establish a new password the next time you log in to your account"

Threat actors achieve this feat by using PayPal data leaked online and programming bots to stuff the credentials (known as credential stuffing) into the PayPal login page until an account is accessed with the list provided.

PayPal has confirmed that the compromised accounts had not made any sort of transactions while in the threat actor's hands and gave the compromised users a two-year free-of-charge service from ‘Equifax’ to monitor and protect previously hacked accounts to remedy the situation.

Click Here to view full article

Your Security is our Priority

Your friendly Support Team

Speak to us about all your computer needs

This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.