Be Careful of Fake Paypal Emails
This entry was posted by nhc on Thursday, June 26th, 2008 at 6:38 pm. It is filed under Web Stuff and tagged with fake paypal email.
This morning, I received an email from *Paypal*. In it they said that my Paypal billing information is out of date and they recommend me update my account information. You can take a look at it
This email is very believable because it look professional with the company’s header, the Paypal link (remember that Paypal use https, not http! ), the Paypal team at footer, go along with anti-fake tips on the right. It also seem to come from trusted source as service@paypal.com
Yes, this is a FAKE Paypal email really. It’s in my Spam folder, not in my Inbox 
. And as you see, Google know this, they alert us with a red message above the email. I am wondering how many people will be cheated with this email.
I believe everyone can be a victim of stolen account if they are not careful! Paypal itself also have some useful tips to recognize fake emails. You MUST read them.
- Generic greetings. Many spoof emails begin with a general greeting, such as: “Dear PayPal member.” If you do not see your first and last name, be suspicious and do not click on any links or button.
- A fake sender’s address. A spoof email may include a forged email address in the “From” field. This field is easily altered.
- A false sense of urgency. Many spoof emails try to deceive you with the threat that your account is in jeopardy if you don’t update it ASAP. They may also state that an unauthorized transaction has recently occurred on your account, or claim PayPal is updating its accounts and needs information fast.
- Fake links. Always check where a link is going before you click. Move your mouse over it and look at the URL in your browser or email status bar. A fraudulent link is dangerous. If you click on one, it could:
- Direct you to a spoof website that tries to collect your personal data.
- Install spyware on your system. Spyware is an application that can enable a hacker to monitor your actions and steal any passwords or credit card numbers you type online.
- Cause you to download a virus that could disable your computer.
- Emails that appear to be websites. Some emails will look like a website in order to get you to enter personal information. PayPal never asks for personal information in an email.
- Deceptive URLs. Only enter your PayPal password on PayPal pages. These begin with https://www.paypal.com/
- If you see an @ sign in the middle of a URL, there’s a good chance this is a spoof.
- Even if a URL contains the word “PayPal,” it may not be a PayPal site. Examples of fake URLs: www.paypa1.com, www.secure-paypal.com, www.paypalnet.com, www.paypalsecure.com
- Always log in to PayPal by opening a new web browser and typing in the following: https://www.paypal.com/
- Never log in to PayPal from a link in an email message.
- Misspellings and bad grammar. Spoof emails often contain misspellings, incorrect grammar, missing words, and gaps in logic. Mistakes also help fraudsters avoid spam filters.
- Unsafe sites. The term “https” should always precede any website address where you enter personal information. The “s” stands for secure. If you don’t see “https,” you’re not in a secure web session, and you should not enter data.
- Pop-up boxes. PayPal will never use a pop-up box in an email as pop-ups are not secure.
- Attachments. Like fake links, attachments are frequently used in spoof emails and are dangerous. Never click on an attachment. It could cause you to download spyware or a virus. PayPal will never email you an attachment or a software update to install on your computer
P/s: You see, I do not insert any hyperlink to Paypal. Always type Paypal address directly in your web browser! Not clicking in any hyperlink !
You've read the post. What's next?
If you like this post then please consider subscribing to our RSS feed. You can also subscribe by email to receive free updates directly in your inbox.
Want to know what am I doing? Follow me on Twitter!
Just wanted to say hi!
This kind of emails are a common form of phishing. Just ignore them and never click on the links. And before doing anything always check the domain name in the link.
Happy Blogging.
hi, thanks for writing this post. Have a great weekend!
@earnblogger & jccleofe : Welcome
I’ve experienced the similar problem and I’ve posted at Fake PayPal Email: Be Aware of Fake PayPal Sites
I get 1-2 each week..from support@papyal.com or smth
Ya!Those are silly e-mails..You have to keep a hard look on them..As a hacker from a site which I can’t disclose hear.I know the trick of making these phishing webpages which are exactly similar to the website and I also knw hw to detect it just check it’s domain in address bar sometimes the domain is also kept “www.paypal.com” by using a tricky thing then in that situation roll over you mouse on different pages of that site you might see some silly things in bottom of the browser.
Hey,
There is yet another issue. Last month IEEE spectrum reported this.
Hackers can replace the IP address of paypal on the server cache. So when you type in http://www.paypal.com the server loads the IP from the cache and you go to the hackers site.
Once you login the hacker takes your email and password and logs you in to the real paypal account. So its just like a redirection so that the hacker gets your password.
There is only one cure. Make sure that there is the https and not http in the address bar before you enter your detals.
TAke care.