PayPal Email Scam, BreachForums Operators Detained, Hackers Target Airlines
Hello people! It’s July already, and we’re here once again with the latest global cybersecurity incidents. The threat actors are getting sophisticated with their approach, one cyberattack at a time. So, you must stay alert and aware to prevent any kind of potential cyber mishap.
With this intention, we bring to you the first edition of the month. This bulletin involves the details of the latest PayPal scam. We will also focus on how French police nabbed the BreachForum operators. Lastly, we will discuss how a group of threat actors is now targeting airlines and the transportation sector.
Let’s not waste time anymore and jump into the details that matter!
PayPal scam using real emails to trick users!
If you use PayPal for receiving and sending funds, this is something you cannot afford to ignore. A new PayPal scam is doing the rounds. The worst thing is that scammers have managed to carry out this cyberbreach in a highly convincing manner. Even the most aware and vigilant users are falling prey to this latest PayPal scam.
The cyberattackers are abusing the PayPal domain itself to send out malicious emails that look 100% real and convincing. You will receive real-life messages through these emails that are too hard to tell apart. Threat actors are misusing the “money request” or “add address” feature of PayPal to send out real emails from PayPal’s original domain. Since each of these emails is coming from the real PayPal domain, they pass through the authentication checks easily and land in your primary inbox. Also, there are rarely any malicious links added to these emails. All you will get to see is a phone number (the contact number of the scammer). The emails are designed in a way to grab your attention and compel you to take swift action without thinking much.
Once they have sent the first email, it is highly likely that they will follow up by connecting with you while pretending to be someone from the PayPal support team. Some emails can also contain a malicious link to “secure your account”. Eventually, this link will lead you to a fake login page designed to harvest your login credentials and other personal data.
Reddit and other cybersecurity forums are already buzzing with reports around this ongoing PayPal scam.
BreachForums operators arrested in France!
The French police claims to have arrested the five main operators of the BreachForum cybercrime forum. Basically, it was a website where threat actors used to leak as well as sell stolen data. Le Parisien claims that a law enforcement operation was conducted by BL2C, the cybercrime unit in Paris, this Monday. The Paris police department managed to raid different regions such as Seine-Maritime, Hauts-de-Seine, and Réunion. During the raids, the police nabbed four hackers who were popular online as “Noct,” “Hollow,” “Depressed,” and “ShinyHunters.” The police department has claimed that the 5th operator, “IntelBroker,” has already been arrested back in February 2025.
The original BreachForums community shut down in 2023 after its operator, Conor Brian FitzPatrick, also known as Pompompurin, was arrested. The 2.0 BreachForums was launched by other active members of the original community. These five operators are accused of being involved in major data breach instances against France Travail, the French Football Federation, and SFR.
The BreachForums V2 was forced to go offline back in April 2025 after someone managed to exploit the site, leveraging a MyBB zero-day vulnerability. Since then, it has been offline.
FBI and cybersecurity firms claim a specific hacking group is targeting airlines and the transportation sector!
Scattered Spider, a hacking group, is currently targeting the airlines and transportation sector. Experts like Mandiant and the security research division Unit 42 also claimed to have witnessed Scattered Spider’s attempts to target the airline industry. The FBI and cybersecurity firms are urging airlines and the transportation sector to implement DMARC, DKIM, and SPF protocols to defend against escalating email-based threats.
This is a group of mainly English-speaking hackers, specifically young adults and teenagers. Their primary goal is to steal and extort personal data from company networks. They are well-versed in their hacking techniques, such as phishing, social engineering, ransomware deployment, and subtle threats.
FBI believes that hackers can target anyone and everyone who comes under the airline ecosystem. WestJet, Canada’s second-largest airline, as well as Hawaiian Airlines, have already been targeted by threat actors in recent times. However, it is yet not clear whether or not Scattered Spider is behind both of these cyberattacks. Media reports, though, claim that the WestJet attack was carried out by the Scattered Spider group.
Apart from airlines, Scattered Spider group is also eyeing the transport industry, insurance sector, and the UK retail sector. Before this shift in interest, Scattered Spider used to hack into the networks of casinos, technology giant,s and hotel chains.
