Thank You for Scheduling a Payment to Bill Me Later - PayPal Virus Email

Thank You for Scheduling a Payment to Bill Me Later - PayPal Virus Email

The email message below: "Thank you for scheduling a payment to Bill Me Later," which claims that the recipient made a payment online of $1958.80 (the amount may change), and it was applied his/her account, is a fake. This email message was not sent by PayPal BillMeLater, but by cybercriminals, whose intention is to trick the recipients into opening the malicious attachment, which will infect their computers with a virus or Trojan.

The Malicious Email: Thank you for scheduling a payment to Bill Me Later

BillMeLater Virus Email Message
Dear Customer,

Thank you for making a payment online! We've received your Bill Me Later® payment of $1958.80 and have applied it to your account.

For more details please check attached file


Your Bill Me Later Account Number Ending in: 0653
You Paid: $1958.80

Your Payment Date*: 01/20/2014
Your Payment Confirmation Number: 579471890749681597

Don't forget, Bill Me Later is the perfect way to shop when you want more time to pay for the stuff you need. Plus, you can always find great deals and discounts at over 1000 stores. Watch this short, fun video to learn more.

*NOTE: If your payment date is Saturday, or a holiday, it will take an additional day for the payment to appear on your account. However, you will be credited for the payment as of the payment date.

This email attachment, "", contains the virus file "PP_03357442.exe". This is the file that will infect your computer if you open it. The cybercriminals may change the name of this file.

Very importantly, the attachment looks like an Adobe Acrobat Read document, which will trick a lot of persons into clicking on it.

BillMeLater Virus Attachment Disguised as a PDF document

So, because the file looks like an Adobe Acrobat Read document it doesn’t mean that it is.

When we scanned this file, the following threats were detected:

  • PE:Malware.FakePDF@CV!1.9C28
  • TROJ_GEN.F0D1H00AK14

Once your computer has become infected with this malicious Trojan horse, cybercriminals behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

Now, if you have already opened the malicious “PP_03357442.exe”, please do a full scan of your computer with the antivirus software installed on it.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

Never open an attachment that has a name ending with “.exe”, because these are computer programs that can infect your computer with a virus or some other malware.

For a list of email attachments that you should not open, please click here.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Was this article helpful?  +
Share this with others:
Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

Write Your Comment, Question, Answer, or Review

Thank You for Scheduling a Payment to Bill Me Later - PayPal Virus Email