PayPal is a popular payment service used successfully by many people particularly when making purchases through eBay. However, because it is so popular with the public, it is also popular with scammers who will fashion PayPal related phishing emails that appear to come from PayPal. These phishing emails attempt to either lure you into clicking on links that will result in malware being downloaded on to your computer or phone or lure you into providing personal information that can be used to make you a victim of identity theft. I have described many of these phishing emails as they have been uncovered in the last few years and the PayPal phishing email about which I am writing today comes from my own email. As is so often the case with phishing emails, it attempts to lure you into responding by clicking on links or providing personal information in response to a purported emergency. In this case, it tells me that I must update my information in order to continue to use my PayPal account. The graphics are good and the grammar is not faulty, but neither of those things indicate that the email is legitimate. Most telling is the fact that the email comes from an address that has nothing to do with PayPal, but is most likely a part of a botnet used to send out spam and phishing emails. In addition, the email is directed to me as “Dear Customer” rather than referring to my name. It also does not include my account number.
Here is copy of the email I received.
The primary question we all face when we receive such an email asking for personal information or urging us to click on a link is how do we know whether to trust the email or not. The answer is, as I always say, trust me, you can’t trust anyone. Regardless of how legitimate such emails appear, you should not provide any personal information or click on any links until you have independently verified that the request for personal information or instructing you to click on a link is legitimate. In the case of PayPal, if you have a question about your account, you can contact PayPal online at https://www.paypal.com/re/selfhelp/home
If you do receive a PayPal phishing email, you should forward it to PayPal at firstname.lastname@example.org
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”