Today, I received the following email:
While my first instinct was to click on ‘Unlock it now’ out of fear that something has gone very wrong, I’ve seen and heard enough about phishing to take another look. Sure enough, the email address that sent this didn’t look like a valid PayPal address to me with the mmail and paypalm in the address. I was quite suspicious.
I checked my account using my PayPal app on my iPhone and found that the account was not locked nor did it have any ‘irregular activity’. I grew even more suspicious.
I forwarded the questionable email to PayPal (mobile-apps@paypal.com) and, sure enough, my suspicions were correct. I received a reply from PayPal in a short thirteen minutes. I was assured that my account was in good standing and that the email was indeed a fake.
Some of the advice in the email was pretty standard fare but bears repeating. It outlines some things to look for in a bogus email:
- A generic greeting, like ‘Dear user’ or ‘Hello, PayPal member’.
- A request for financial or other personal information. If you are asked for your bank account, debit card, credit card, or driver’s license number, beware!
- Also taboo are requests for your email address, full name, account password or answers to security questions.
- Beware of attachments, a ‘software update’ that needs to be installed or a hyperlink.
- A request for money, including sending money through Western Union.
I was asked to forward the original email to spoof@paypal.com and then delete it from my Inbox.
I must commend PayPal for their quick response. In a scant fifteen minutes from when I received the email, I forwarded it to PayPal and received their reply. Really great customer service!
The email address that the nefarious folks sent this to is also the email address associated with several websites from which I have had personal information (name, email address, etc.) stolen. I suspect that they took a leap of faith that I have a PayPal account associated with the email address and took a chance that I might be gullible enough to take the bait. It’s called ‘phishing’ for a reason!
<Image credits: softpedia.com, PayPal>
I send all such emails to a dedicated paypal email: spoof@paypal.co.uk (I am in the uk)
Most of the big orgnisations around – tax people, credit card, banks, etc all have such an emails sometimes phishing@ etc. I now have six I use in my contacts so I can forward them on (from my spam folder without entering the email either) – my little bit towards fighting back.
John,
I hear you about fighting back. I’ve added the PayPal email address to my contacts. That way, when I get the next one (it’s just a matter of time), I’ll send it off as soon as I get it.
You could have saved yourself some time if you read the email address at the top of the page!….It reads: “PAYPALM”
You could have saved yourself some time if you read the last line of the opening paragraph at the top of the page… it reads:
“with the mmail and paypalm in the address. I was quite suspicious.” 🙂