A new wave of PayPal invoice scams have been found using blockchain/cryptocurrency-related businesses as their disguise, security researchers from Japanese cybersecurity vendor Trend Micro found on October 09, 2022.
While the scammers use a very common method, impersonating PayPal sellers to send random target invoices via PayPal systems saying users have been charged an amount of money and pushing them to click on malicious links, they use the names of famous companies/tokens on different blockchains to do so.
Among the examples mentioned by Trend Micro are Stellar XLM, Bitcoin Exchange, Terra Luna Classic, Oasis Network and TrueUSD.
The Japanese vendor also provides some tips to protect yourself against these scams better:
- Double-check contact details and URLs. Be wary of any unexpected/unauthorized charges that come in via email — even if the email itself comes from a legitimate company such as PayPal. (Note: In some cases, the email itself is indeed generated by PayPal’s service)
- Reach out to official websites and support pages directly for help if in doubt. You can also forward suspected scam emails to email@example.com
- Never click on links or call numbers