PayPal is a popular payment service used by many people particularly with eBay. Therefore it can seem plausible when you receive an email that purports to come from PayPal asking you to confirm a transaction. However, anyone responding to the latest phishing email reproduced below would end up providing personal information to an identity thief.
PayPal is often the subject of phishing emails as I have described numerous times in past Scams of the Day. This particular phishing email looks legitimate. The email address from which it is sent appears to be connected to PayPal, but that is not the true address of the sender. The graphics and the grammar appear legitimate although the email does not refer to you by name. It also came with a legitimate appearing PayPal logo, but that is easily counterfeited. It also contains references to Digital Federal Credit Union, which may seem official, but has nothing to do with PayPal. If you click on the links indicated, this particular email will take you to a legitimate appearing page that asks for tremendous amounts of personal information that can be used to make you a victim of identity theft.
“Your PayPal Payment Has Been Sent
Your payment to John Gregg was sent. If you did not make this payment, You have within the next 24hrs to cancel Payment before it reaches the recipient.
Login Now to cancel payment.
DCU Home Branches Branch and ATM Locator Contact Us
Find us on Facebook
Our Privacy Policy protects your privacy and we will never sell your name or email address. Federally insured by NCUA. DCU is an Equal Housing Lender.
Please do not reply to this email. © 2016, Digital Federal Credit Union
220 Donald Lynch Boulevard, PO Box 9130, Marlborough, MA 01752-9130”
The primary question we all face when we receive such an email asking for personal information or urging us to click on a link is how do we know whether to trust the email or not. The answer is, as I always say, trust me, you can’t trust anyone. Regardless of how legitimate such emails appear, you should not provide any personal information or click on any links until you have independently verified that the request for personal information or instructing you to click on a link is legitimate. In the case of PayPal, if you have a question about your account, you can contact PayPal online at