Everything Is Just Dandy!

Clever Phishing Scam Uses Legitimate PayPal Messages

Schneier on Security
Bruce Schneier

Brian Krebs is reporting on a clever PayPal phishing scam that uses legitimate PayPal messaging.

Basically, the scammers use the PayPal invoicing system to send the email. The email lists a phone number to dispute the charge, which is not PayPal and quickly turns into a request to download and install a remote-access tool.