A new phishing scam involves fake emails from PayLife, a well-known payment service provider, that lure people with a QR code. The aim of these emails is to trick users into revealing their login details.

This article highlights the methods used by fraudsters, gives tips on how to recognize such emails and advises what you should do in the event of a phishing attack.

The QR code as a trap

In the fraudulent emails, the recipients are informed about an alleged blocking of their myPayLife app. In order to remove this block, the user is led to believe that he or she has to scan a QR code. Another clever detail of the scam is the personal salutation in the emails, which creates trust and makes the message more credible.

Fake PayLife Mail / Screenshot Watchlist Internet
Fake PayLife Mail / Screenshot Watchlist Internet

Hello [your name]!

Your app is locked and you cannot currently release orders or internet payments.
Please scan the QR code below to remove the lock.

[QR code]

Best regards

Your PayLife team

However, this QR code leads to a fake myPayLife login page that looks deceptively real. As soon as you log in to this site, the fraudsters have access to sensitive data.

Deceptively real imitation of the myPayLife site

The fake login page imitates the original down to the last detail, only the web address reveals the fake on closer inspection. The correct address of PayLife is https://my.paylife.at/de/authentication/anmelden/

The real and the fake myPayLife page in comparison / Screenshots Watchlist Internet
The real and the fake myPayLife page in comparison / Screenshots Watchlist Internet

Identification features of phishing emails

To protect yourself from such phishing attacks, it is important to always remain skeptical. Users should never hastily scan QR codes and always question the authenticity of emails. This also includes carefully checking the sender address and testing the claims in the email itself, for example by logging into the affected account independently.

What to do if you suspect?

If you suspect that you have fallen victim to a phishing attack, you should contact your payment service provider immediately and, if necessary, report it to the police. It is also advisable to report such emails to the Internet Watchlist to warn other users.

Conclusion

Phishing attacks with QR codes represent a new challenge in the fight against online fraud. Through education and vigilance, users can recognize such traps and protect themselves. Stay informed and safe in the digital world!

Source: Watchlist Internet

Feel free to subscribe to the Mimikama newsletter and register for our online lectures and workshops to stay up to date.

Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )