PayPal Phishers Nibble; MailFrontier Bites Back

Online security experts have raised the alert level on yet another e-mail virus ‘phishing’ for PayPal credit card numbers and other sensitive information.

Just days after the appearance of the MiMail.I worm, anti-virus firms have started detecting a new, more sophisticated MiMail.J variant that has grown into a mass-mailer.

MessageLabs slapped a ‘High Risk’ rating on MiMail.J, warning that the virus is already circulating in 77 countries across the globe.

In recent months, scammers have been using the high-tech ‘phishing’ tactic to swipe credit card numbers, bank account information, Social Security numbers and user passwords but the latest trend to integrate phishing with e-mail borne virus suggests a new level of sophistication, experts say.

For instance, while MiMail.I was programmed to trick users into entering credit card numbers, PIN codes, expiration dates and the CVV personal security code printed on the back of cards, the MiMail.J variant has added fields for mother’s maiden name and social security number.

The addition of those fields in the latest mutant could lead to widespread identity theft instead of just an exploitation of a PayPal account or credit card.

Symantec Security Response warned that MiMail.J distribution is high.

MailFrontier Fights Back
The latest twist on the scourge comes as Palo Alto, Calif.-based security messaging vendor MailFrontier released the gold version of its Matador 3.5 anti-fraud software, an application that quarantines e-mails it suspects are phishing messages.

MailFrontier’s Matador 3.5 uses proprietary analytics to automatically detect and categorize fraudulent e-mails for Outlook and Outlook Express users. The software, which doubles as a spam blocking tool, includes alerting capabilities to allow customers to report phishing attempts.

MailFrontier CEO Pavni Diwanji said phishers were successful in eliciting people’s information around 40 percent of the time, a startling statistic when compared to the 0.1 percent success rate for regular spam.

“In September, we were seeing in the range of 80 million e-mails from fraudsters (phishers). In October, that went up to 100 million and we expect it to increase significantly during the Christmas shopping season,” Diwanji said.

Before MailFrontier started separating phishing mail from regular spam, Diwani said the company’s subscribers regularly unjunked phishing mail because they were fooled into believing they were legitimate mail from PayPal or eBay.

“About 40 percent of our users would regularly fall for these scams and even accused us of blocking their legitimate mail. That is a terrifying statistic,” Diwanji declared. “The scammers are becoming more sophisticated and even for the savvy Internet user, it’s a serious threat. Vigilance has to be mixed with improved technology, she added.

Adapted from

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.