Brazil’s Homegrown Payment System Is Target of Trump Administration
Brazil’s fast and free homegrown digital payment system, PIX, has become wildly popular. The Trump administration says it unfairly undercuts U.S. companies.
Paypal
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online extortionists, and tried to stay off the radar of law enforcement by ensuring that their botnet was never pointed at KrebsOnSecurity.
Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials
A seller named Chucky_BF is offering 15.8M PayPal logins with emails, passwords, and URLs. The data may come…
New AI-Powered PayPal Scam Tricks You Into Calling a Fake Support Line
PayPal warns of a new AI-powered scam tricking users into calling fake support lines. Learn how to protect yourself.
The post New AI-Powered PayPal Scam Tricks You Into Calling a Fake Support Line appeared first on eSecurity Planet.
Big Tech’s Mixed Response to U.S. Treasury Sanctions
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But more than a month later, the accused continues to openly operate accounts at a slew of American tech companies, including Facebook, Github, LinkedIn, PayPal and Twitter/X.
Scammers Insert Fake Support Numbers on Real Apple, Netflix, PayPal Pages
Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how ‘search parameter injection’ scams work and protect yourself now.
Online ‘ghost stores’ are providing fake tracking numbers to dupe payment platforms, Australian shopper says
Geelong woman lured by bogus ads for a boutique that didn’t exist says PayPal must do more to help scam victimsOnline “ghost stores” falsely claiming to be Australian businesses are providing fake tracking numbers to convince payment platforms they hav…
Going, going, gone: Scam websites imitating famous brands are luring in victims on social media. What can be done?
Social media users are being tricked by false ads advertising fictitious sales – and consumers say the platforms must take actionGet our breaking news email, free app or daily news podcastAustralian consumers are being lured to fake websites imitating …
Oops: DanaBot Malware Devs Infected Their Own PCs
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.
Malicious NPM packages target PayPal users
Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target PayPal users. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2, and were used to steal PayPal credentials and hijack cryptocurrency transfers. “Using PayPal-related […]