This phishing site is based on the design of the original PayPal platform to lead users through a set of pages, which aim to collect your private information. Once they have the necessary data, they use them to impersonate users and carry out tasks related to money laundering, fraudulent claims, etc.
So far, the main target of the attackers has been legitimate sites managed through WordPress, from which they obtain administrator credentials using brute force techniques, which they use to embed the phishing kit into the original website.
The infected pages show the same pattern: The victim is asked to pass a security challenge (CAPTCHA) and once passed, they are asked for their PayPal account username and password. Below, they are warned about unusual activity detected in their account and are informed that if they want to secure it, they will need to enter all their personal information, their email access credentials, a photo of their identification document and their bank details (including their credit card information, the CVV and the PIN of it).
Although initially it may be obvious that the site is not legitimate, this attack is having a certain level of effectiveness and has claimed a considerable number of victims.
It is advisable to analyze the situation we are in before entering our confidential data and in case we have doubts, it is worth visiting the official website of this type of application to purchase the data they request, ya que por ejemplo plataformas del estilo de PayPal nunca solicita el PIN de las tarjetas de crédito de sus usuarios.