PayPal account review phishing email
Much as we don’t like to say it, there are some realistic phishing emails out there. There are phishing emails that have our seasoned technical pros taking a second look, just to be sure our email filters haven’t scored a false positive. The email we present today is not one of those emails. In fact it is a little underwhelming. But we never underestimate a phishing email. Even the poor imitations have snared victims.
Take a look at Figure A and you will see what we mean. It’s a nondescript email by anyone’s standards. The greeting used is “Dear Valued Customer”. The sender of the email is listed as “PayPal”. The subject line of the email is “Account Review”. An attachment to the email is called “Verification_2015.html”. There are no PayPal logos or branding present in the email. The email signs off with “PayPal Account Review Department”.
The email informs the user that “Our security system detected unusual charges to a credit card linked to your PayPal account.” The user’s account has been limited. The email provides instructions on what to do next. You guessed it: download the form and fill it out. This is not the greatest phishing email we have seen. But as a study by Google and the University of California shows, blatant phishing attempts can still succeed.
Besides having no PayPal branding, the grammar is quite poor in places. The greeting is generic. PayPal state on their site that:
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like “Dear user” or “Hello PayPal member.”
The attachment does not lead to the genuine PayPal site. Instead, the form inside it leads to a phishing site. PayPal also state that:
Our emails don’t link directly to pages that ask you to enter sensitive information like your bank account, credit card, and national identification or Social Security numbers.
Delete this email if you receive it.
Scott Reeves
MailShark
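The warning signs described in the post (a generic greeting, an HTML attachment, and a form that submits somewhere other than PayPal) can be checked mechanically. The Python below is an added example, not part of the original post; the sample message, the host `phish.example` and the trusted-domain list are constructed assumptions.

```python
import re
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Greetings PayPal says it never uses, plus the one seen in this email.
GENERIC_GREETING = re.compile(
    r"^\s*(dear|hello)\s+(valued\s+)?(customer|user|paypal\s+member)\b", re.I | re.M)
TRUSTED_DOMAINS = ("paypal.com",)  # assumption: extend for regional domains

class FormTargets(HTMLParser):
    """Collect the host of every <form action=...> in an HTML document."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        if tag == "form":
            host = urlparse(dict(attrs).get("action") or "").hostname
            if host:
                self.hosts.append(host.lower())

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def review(msg):
    """Return the warning signs from the article that this message shows."""
    findings = []
    body = msg.get_body(preferencelist=("plain",))
    if body and GENERIC_GREETING.search(body.get_content()):
        findings.append("generic greeting")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if part.get_content_type() != "text/html" and not name.lower().endswith((".html", ".htm")):
            continue
        findings.append(f"HTML attachment: {name}")
        content = part.get_content()
        parser = FormTargets()
        parser.feed(content if isinstance(content, str) else content.decode("utf-8", "replace"))
        findings += [f"form posts to non-PayPal host: {h}" for h in parser.hosts if not is_trusted(h)]
    return findings

def build_sample():
    """Constructed message modelled on the email described above."""
    msg = EmailMessage()
    msg["Subject"] = "Account Review"
    msg.set_content("Dear Valued Customer,\n\nYour account has been limited.\n")
    msg.add_attachment('<form action="http://phish.example/submit"><input name="card"></form>',
                       subtype="html", filename="Verification_2015.html")
    return msg
```

Calling `review(build_sample())` returns all three findings; a message addressed by name with no HTML attachment returns an empty list.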
And PayPal has an email address (spoof@PayPal.com) that you can forward these phishing emails to so that they can try to track them down and deal with them. I wish every organization that handles your money had a similar email address to send such stuff to.
Hi Patrick, good point. For our Australian visitors PayPal have the reporting address of:
phishing@paypal.com.au
and it seems PayPal used to have the following for European PayPal clients:
spoof@paypal.co.uk
but it’s hard to find confirmation on the net whether that email address for Europe is still valid or whether they just go to the .com version of it now.