It would seem the Payoneer phishers are at it again. Phishing is the act of a hacker pretending to be who he or she isn’t in order to steal your credentials or identity. For example, a cloned Facebook website designed to trick you into supplying your login credentials is a Phishing attempt. Receiving an SMS from some jobless fellow saying your ATM card will be blocked due to an incomplete BVN registration then going ahead to ask you to dial a number (where the receiver will attempt to extract sensitive information) is another common phishing attempt. For this reason, you should be wary of which links you click in your emails and messages asking you to verify your account (no matter how convincing the title or message is).
What is Payoneer?
Payoneer is a trusted payment service which gives you a real U.S bank account + a Dollar Mastercard. The debit card gets shipped to your doorstep for free and Payoneer supports most countries (e.g Nigeria, India etc). No need for VPNs or false information because your country is fully supported! Its legit and I’ve personally been using it for years now both for receiving and making payments.
The Payoneer phishing email that began my day
In the early hours of today, I got a rather strange email from Payoneer. Below is a screenshot
Upon surface inspection, it was pretty easy for me to tell that this e-mail wasn’t really from Payoneer so the hacker hoped I would be gullible enough to click that link. As for what could be at the other end of the link, it could’ve been a login form wanting to fool me into supplying my Payoneer email and password or even worse, an automated script which could hijack my browser or PC, compromising my accounts on other websites in the process (login cookie stealing).
How I was able to detect that this email wasn’t truly from Payoneer
There were many red flags on this one. First off, the email address I received this message on wasn’t the one associated with my Payoneer account. Also, I wasn’t expecting exactly $168.00 🙂 . I’ll walk you through some of my findings.
There was no Sender
Here’s what the real notification of received payment looks like
Now, below is the fake payment receipt email that the phisher sent me
From the Phished email above, you’ll notice that the Sent from line is missing. That was a mighty red flag for me because I’m normally able to know who paid me or who I paid from the email. having to wonder who this $168.00 came from got me suspicious.
It linked to a cloaked url
In the Phished email, written in red font (above the Continue button) is
But when you hover over it with your mouse (and the Continue button too), you’ll notice that both actually link to
It’s note worthy that the original email doesn’t’ even contain a Continue button or link
Non-linking social media icons
In the original email, the social icons are clickable as shown below
In the phishing email, you’ll notice that the social icons aren’t clickable
Don’t be deceived by the Sender email and ID
Looking at the Sender email and ID, both seem to checkout
But my knowledge of PHP lets me know that these too could easily be phished so don’t give that too much trust. Some services like Paypal add a Signed-by line to the email header so that’s one way for me to detect a Phished Paypal email
What to do if Payoneer account has been hacked
You’ll need to contact the Payoneer customer care immediately you discover or even suspect so. We have some guides for recovering a hacked Facebook account and regaining access to a hacked or compromised Google, Gmail or Adsense account incase this leads to other accounts getting hijacked.
How to avoid falling victim to Phishing scams
Its important you’re familiar with how each service you use contacts you and pay close attention to messages you receive. Avoid giving out sensitive information in the name of ‘account verification’. Be careful what links you click in your email and most important of all, the address bar is your best friend. Unless the original website is compromised, you can never go wrong if you take a close look at the address bar.