Home Malware Programs Malware 16Shop


Posted: January 22, 2020

The number of PayPal phishing pages found online has been increasing recently, and one of the main contributors to this worrying statistic is the 16Shop phishing kit – a service that is being advertised on online hacking forums and enables any cybercriminals to gain access to a user-friendly and easy-to-utilize phishing page creation. The 16Shop phishing gang has been around for several years, but so far, they supported phishing pages for other popular services like Amazon, Apple and American Express – this is their first attempt at targeting the most popular online payment service.

16Shop Phishing Kit Adds Support for PayPal

According to cybersecurity researchers, the 16Shop phishing kit can be used to craft fake PayPal login pages in English, Thai, Spanish, German and Japanese. One surprising thing about the 16Shop phishing kit is that its customers do not need to possess a Web hosting service to deploy the phishing page they have crafted – all of the content is hosted on servers operated by the 16Shop gang members. According to forum posts advertising the paid 16Shop phishing kit, the cybercriminals who opt to try it out will gain access to an easy-to-use online administrator panel, as well as live chat support and assistance with any issues they may have. Overall, 16Shop's latest update has enhanced the user experience, and this is likely to be one of the main reasons why this phishing kit has been used so often recently.

The PayPal phishing pages that the 16Shop kit creates are able to exfiltrate more than just the login credentials of the victim – it also attempts to collect geolocation, credit card information, email address and even the victim's phone number. The details are obtained by displaying fake confirmation prompts that are designed to look like legitimate PayPal alerts. The collected data is then extracted to an email inbox operated by the attacker.

It is not uncommon for cybercriminals to offer their products as rentable services to generate extra revenue – the 16Shop phishing kit is one of the most popular on the market at the moment, especially because of its brand-new PayPal module. We advise you to be extra wary for suspicious emails from PayPal, as well as make sure that you only enter your login credentials in trustworthy and verified websites.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to 16Shop may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.