PayPal is a popular payment service used by many people particularly with eBay. Therefore it can seem plausible when you receive an email that purports to come from PayPal asking you to confirm a transaction. However, anyone responding to the latest phishing email would either end up providing personal information to an identity thief. This particular PayPal phishing email was initially discovered by Christopher Boyd, a malware analyst at FaceTime Security Labs.
PayPal is often the subject of phishing emails as I have described numerous times in past Scams of the Day. This particular phishing email is pretty good looking. The email address from which it is sent appears to be connected to PayPal, but that is not the true address of the sender. The graphics and the grammar appear legitimate although it does not refer to you by name, but merely addresses the recipient as “Dear Client” which is an indication of a scam. If you click on the links indicated, this particular email will take you to a legitimate appearing page that asks for tremendous amounts of personal information including not only your credit card, but also your Social Security number which the real PayPal certainly does not need. If you provide this information in response to this scam, it will be used to make you a victim of identity theft.
Here is a link to a screenshot of the phony email.
The primary question we all face when we receive such an email asking for personal information or urging us to click on a link is how do we know whether to trust the email or not. The answer is, as I always say, trust me, you can’t trust anyone. Regardless of how legitimate such emails appear, you should not provide any personal information or click on any links until you have independently verified that the request for personal information or instructing you to click on a link is legitimate. In the case of PayPal, if you have a question about your account, you can contact PayPal online at