Hackers Abuse Venmo Payment Service to Steal Login Details | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Venmo, a mobile payment service owned by PayPal, has become a household name in the United States. It facilitates a convenient way for friends to exchange money and for businesses to transact with customers.

With significant year-over-year growth, Venmo reported a total payment value of $68 billion in Q3 of 2023, according to Statista, ranking it among the top three payment brands in the U.S. However, with over 62.8 million active users, the platform has inevitably attracted the attention of cybercriminals.

Phishing Scams: A Persistent Threat

Historically, PayPal has been a target for phishing scams, and now its subsidiary, Venmo, is facing similar threats.


Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.


  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

Hackers have been crafting deceptive emails that mimic official Venmo communication, tricking users into calling fraudulent phone numbers to rectify false charges.

Harmony Email researchers have identified this new wave of attacks and alerted Venmo on February 13th.

One such email informs the recipient of a $99.99 payment to Coinbase via Venmo, which the user knows to be incorrect.

The email urges the recipient to call an unassociated phone number, which leads to a scammer ready to extract personal and financial information under the pretense of reversing the charge.

Checkpoint, a cybersecurity firm, has recently published a report that reveals how hackers are exploiting the Venmo payment service to steal login credentials.

Another example involves an email that appears to be from Norton, again with a phone number unaffiliated with Venmo, PayPal, or Norton.

Sophisticated Techniques: Evading Detection

These phishing emails are particularly insidious because they pass standard security checks such as SPF and DKIM, and contain legitimate links, making them appear as non-malicious correspondence from Venmo.

The scam is often only detectable by the fraudulent phone number, which requires advanced AI engines to identify it as illegitimate.

When victims call the number provided in the phishing email, scammers not only attempt to steal sensitive information but also engage in “phone number harvesting.”

By capturing the victim’s phone number, they can launch additional attacks via SMS, WhatsApp, or direct calls.

Best Practices: Defending Against Phishing Attacks

To combat these sophisticated phishing attempts, security experts recommend the following measures:

  • Employ AI-powered security solutions that analyze multiple indicators of phishing.
  • Utilize robust URL protection services that can scan and emulate web pages to detect malicious content.
  • Implement security measures capable of scanning phone numbers, in addition to traditional phishing indicators.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


Click Here For The Original Story From This Source.


National Cyber Security