According to news in softpedia PayPal phishing scams are not uncommon. However, every once in a while experts notice a “flood.” The emails identified by Malwarebytes experts inform recipients of unusual activity in their accounts.
The messages contain a link that points to a PayPal phishing website (see screenshot). The cybercriminals tell victims that they have to wait 72 hours before they get a response. This gives them enough time compromise accounts.
The phishing pages are hosted on a large number of domains, and over 500 IP addresses are associated with this particular attack.
PayPal customers are also targeted with fake “You’ve Received New Funds!” emails that purport to come from the payment processor. According to Webroot, these notifications carry a piece of malware, more precisely, a variant of the notorious ZeuS banking Trojan.