Policy updates advises phishing email
The latest phishing email purporting to be from PayPal surfaced this week. This email is letting you know that there have been some changes to the legal agreements around PayPal. The agreements can be accessed by clicking on a link in the email. If you agree with the changes, then you do not need to do anything. If you aren’t happy, then you need to login to your account and check the policy updates page. There are no such changes, and in any case, the site requests your information whether you agree with the policy changes or not. Don’t click on any of the links in this email. Delete it if you receive it.
The email in question is shown as Figure A. The email uses PayPal branding, and has a realistic appearance. The sender of the email is “Service PayPal”. The email address has been spoofed to make it appear to be from PayPal. The subject line of the email is “Your Account Has been limited please Verify Your Ownership”. This contradicts the opening lines of the email. The email does not use a greeting.
There are four links in the email. They all lead to the same site. The site appears to be a compromised site. It does not use PayPal in the domain string. The main link that the email wants you to click on is the button with the anchor text “See the Policy Update Page”. The fascinating part of this email is the warning about fake emails at the bottom of this email. It states that PayPal official emails will address you using your first name and last name.
There are signs that this email is a fake. As mentioned here and in the phishing email, PayPal emails are personalised. The main signs are the links. They do not lead back to PayPal. They lead to a phishing site. Don’t click on the links.
Scott Reeves
MailShark
Free anti-spam service
Free email filter service