Twitter let someone promote an obvious PayPal phishing scam

Phishing scams are nothing new, but it’s certainly unusual to see them show up in your Twitter timeline as a promoted tweet. Nevertheless, earlier this evening, I came across this promoted post from the (since deleted) account @PaypalChristm.

Twitter let someone promote an obvious PayPal phishing scam 1

The account purported to be a legitimate PayPal account and promoted an end-of-year sweepstakes event. While it didn’t explicitly say what the prizes were, it dangled the prospect of a new car and an iPhone in-front of the potential marks. To be in with a chance of winning, all you must do is verify your details.

Except, it’s a fake. Sorry, I said the words. I’ve got to use the GIF here.

Yeah, anyway. There were several tell-tale clues that @PaypalChristm wasn’t exactly kosher. For starters, in the phishing URL, it misspelled “PayPal” as “Paypall.” Furthermore, the tweet came from an unverified account with fewer than 100 followers. And then there’s the fact that the image on the promoted tweet just wasn’t congruent with PayPal’s distinctive branding. It looked like something someone knocked up in MS Paint in less than ten minutes.

Clicking through on the phishing link, you get to a page that – at least, superficially – looks like the legitimate PayPal login site. The scammers had very clearly gone to great efforts to make it look like the real deal. The most obvious clues that it was a scam were in the lack of HTTPS and the URL.

Twitter let someone promote an obvious PayPal phishing scam 2

I logged in with obviously bogus credentials and was presented with – again – a superficially legitimate-looking page that asked me to confirm my credit card details. This suggests that the attackers weren’t merely interested in accessing PayPal accounts, but also wanted to be able to exploit the victim financially outside of the popular fintech platform.

Twitter let someone promote an obvious PayPal phishing scam 3

PayPal is a huge, globally recognizable financial services brand, with hundreds of millions of users. It’s no surprise that someone would seek to capitalize on its name in order to scam ordinary folks. Indeed, PayPal phishing scams have floated around people’s inboxes for years. Decades, even. Perhaps it was only a matter of time until they made the leap from the inbox to the newsfeed.

This incident fits into a larger trend of digital ne’er-do-wells using promoted tweets as part of their schemes. The most notable example of this features a compromised (and almost always verified) Twitter account that’s been modified to look as though it belongs to Elon Musk. This then invites the public to send Bitcoin (or another major cryptocurrency, like Ethereum) to a specific wallet in order to get a greater sum back.

Twitter let someone promote an obvious PayPal phishing scam 4

While Twitter has been clamping down on the now-notorious Elon Musk scam, the one highlighted in this post obviously managed to slip through the cracks. I’m certainly curious as to how this happened as, at least from the outside, it certainly looked like an obvious PayPal phishing scam.

TNW has reached out to PayPal and Twitter for comment. When we hear back from them, we’ll update this post.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022
Mintable CEO Zach Burks Talks to Us about the Opensea Stolen NFTs and Their Recovery
March 21, 2022
Crypto Crime
Crypto Crime Surges To Record Highs As Thieves Follow Market Buzz – Chainalysis 2022 Report
February 24, 2022
Bots Circumvent 2FA Login At Coinbase And Other Crypto Exchanges In 2022
Bots Have Circumvented 2FA Logins At Coinbase And Other Crypto Exchanges In 2022
February 17, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
The Unconventional Guide to Ethereum
October 28, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin28,981 0.70 % 2.23 % 4.61 %
Ethereum1,774.4 1.81 % 7.49 % 12.33 %
Tether1.001 0.07 % 0.09 % 0.01 %
USD Coin0.9989 0.16 % 0.08 % 0.04 %
BNB297.85 1.21 % 7.23 % 3.18 %
XRP0.3973 0.86 % 0.28 % 5.77 %
Binance USD1.004 0.02 % 0.45 % 0.02 %
Cardano0.9566 0.22 % 0.68 % 6.96 %
Solana41.28 1.42 % 9.90 % 21.12 %
Dogecoin0.07791 1.23 % 3.25 % 10.52 %

Bitcoin (BTC) $ 28,995.00
Ethereum (ETH) $ 1,766.97
Tether (USDT) $ 1.00
USD Coin (USDC) $ 1.00
BNB (BNB) $ 296.78
XRP (XRP) $ 0.39704
Binance USD (BUSD) $ 1.00
Cardano (ADA) $ 0.462069
Solana (SOL) $ 41.24
Dogecoin (DOGE) $ 0.077627