Several pieces of personal information, including official identification documents and images, are being attempted to be stolen from victims by a recently found phishing kit that targets PayPal users.
The kit can partially elude detection because it is hosted on trusted WordPress websites that have been hacked.
The researchers discovered that the creator of the phishing kit made the entire graphical interface to match PayPal’s theme, giving the phishing pages a genuine-looking appearance.
Cross-referencing IP addresses to domains belonging to a certain group of businesses, including some organisations in the cybersecurity industry, is one technique the phishing kit employs to escape detection.
