New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails

Latest News on PayPal Phishing Scam 2025

Summary:
A sophisticated PayPal phishing scam has been identified, exploiting a loophole in PayPal's system and leveraging Microsoft 365 tools to deceive users. The scam involves legitimate-looking emails and valid PayPal login pages to trick victims into linking their accounts to unauthorized addresses, potentially granting attackers control over their finances [1][5].

MS365 Phishing Attack Analysis

Attack Methodology:

  1. Legitimate Email and URL: The scam uses real-looking emails and valid PayPal login pages to deceive users. The email directs recipients to a legitimate PayPal login page, prompting them to log in to investigate a supposed payment request [1][5].
  2. Microsoft 365 Exploit: Attackers register an MS365 test domain and create a distribution list containing victim emails. They then send a legitimate PayPal money request to that list, and Microsoft's Sender Rewriting Scheme (SRS) rewrites the sender as the message is forwarded to all recipients, so it bypasses email authentication checks [1][5].
  3. Account Takeover: Once the victim logs in, the scammer's account is linked to the victim's account, allowing them to take control of the victim's PayPal account [1][5].

How to Avoid PayPal Scams

  1. Cybersecurity Awareness:

    • Be cautious of unsolicited emails, even if they appear legitimate.
    • Hover over links to verify URLs before clicking.
    • Never enter login credentials on websites unless certain of their authenticity [1][5].
  2. Verify Payment Requests:

    • Scrutinize all unexpected payment requests, even if they appear legitimate.
    • Use data loss prevention (DLP) rules to detect such attacks. A DLP rule can be configured to flag emails involving multiple recipients from a distribution list, helping identify and block these phishing attempts [5].
  3. Enable 2FA:

    • Enable two-factor authentication (2FA) on PayPal accounts to enhance security [1][5].
  4. Human Firewall:

    • Educate employees to be aware and cautious of any unsolicited email, regardless of how genuine it may look. This is crucial in preventing phishing attacks [1][5].
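
A header-triage sketch for the distribution-list relay described under Attack Methodology and the DLP rule above, added here as an example and not taken from PayPal, Microsoft or the cited reports. The SRS local-part pattern, the *.onmicrosoft.com tenant suffix, the reason labels and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumption: an SRS-rewritten envelope sender carries "SRS=" (or SRS0=/SRS1=)
# in its local part, e.g. bounces+SRS=<hash>=<timestamp>@<forwarding domain>.
SRS_LOCALPART = re.compile(r"(^|\+)SRS[01]?=", re.IGNORECASE)

def triage(raw_message, mailbox):
    """Return the reasons a delivered message matches the relay pattern."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    rp_local, _, rp_domain = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")
    visible = [addr.lower() for _, addr in
               getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    reasons = []
    # Envelope sender was rewritten by a domain other than the From: domain.
    if SRS_LOCALPART.search(rp_local) and rp_domain.lower() != from_domain:
        reasons.append("srs-rewritten-return-path")
    # The receiving mailbox is not addressed: delivery came via a list or Bcc.
    if visible and mailbox.lower() not in visible:
        reasons.append("mailbox-not-in-to-or-cc")
    # Assumption: the test tenant uses Microsoft's default *.onmicrosoft.com name.
    if any(addr.endswith(".onmicrosoft.com") for addr in visible):
        reasons.append("addressed-to-onmicrosoft-tenant")
    return reasons

# Constructed samples (not taken from a real message).
RELAYED = "\n".join([
    "Return-Path: <bounces+SRS=abcde=XY@example-tenant.onmicrosoft.com>",
    "From: service@paypal.com",
    "To: billing-list@example-tenant.onmicrosoft.com",
    "Subject: Money request",
    "",
    "constructed body",
])
DIRECT = "\n".join([
    "Return-Path: <bounce@paypal.com>",
    "From: service@paypal.com",
    "To: user@example.org",
    "Subject: Money request",
    "",
    "constructed body",
])

if __name__ == "__main__":
    for name, raw in (("relayed", RELAYED), ("direct", DIRECT)):
        print(name, triage(raw, "user@example.org"))
```

Ordinary mailing lists and forwarders also trigger the first two reasons, so treat the result as a quarantine-and-review signal rather than a verdict.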

By following these guidelines, users can significantly reduce the risk of falling victim to the latest PayPal phishing scams exploiting MS365 tools.