The email in your inbox is from “PayPal Security.” The even scarier subject is “Notice: Login Attempt from unknown device.” It reads, “Dear User, Your PayPal Account was accessed from Auckland, New Zealand.” It gives the date and New Zealand Standard Time and a description of the web browser.
It wasn’t you, right? In that case, the next thing you need to do, according to this timely warning, is “Please Sign In to Your Papal Account and Verify Your Account. (Or just disregard, if it was you.) In addition to a link attached to the aforementioned “Sign In,” there is another convenient “Click Here to Sign In to Your PayPal Account” right above the courteous complimentary close “Best Regard (sic), PayPal Support.”
The email has all the logos you’d expect on a PayPal notice, and an unsophisticated user might panic at the warning. But it’s a fake, a phishing scam, really.
Let’s take a look at the email itself. A close investigation will show why you should stay composed and avoid the temptation to click on the “Sign In,” because it definitely won’t navigate you to your PayPal account.
You will be taken to a fake web page where you’ll be asked to fill out a form disclosing your user name, password, and other identifying information — whereupon some scammer now has custody of your PayPal account and all the financial and personal information it holds.
Here are the telltale signs this email is a fake.
1. PayPal — or any other financial organization — will never send such an email notice. PayPal never asks its customers is to do any of the following:
2. The email is addressed to “Dear User.” PayPal will send the email to you by name. Never trust an email that is also addressed to “undisclosed recipients.” It is likewise a fake.
3. The email has some minor, though telling, capitalization and English usage glitches:
If you receive a suspicious PayPal-labeled email, do not click on any of the links. Sign into your PayPal account the way you usually do and see if there is anything amiss. Frequently, phishing scammers will claim that your account has been frozen pending resolution of the problem. If you can sign on as usual…well, you get the picture.
Also, before you delete the suspicious email, forward it to email@example.com. You will receive an automated reply immediately thanking you for helping them to shut down those fake websites.
Read more about phishing scams impersonating PayPal in this piece by Dean Alvarez on ITProPortal’s Security News.
Want to learn more on how to protect you or your company from cyber attacks and other dangers lurking in the dark web? CEN Associates is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (877) 239-1219 or send us an email at firstname.lastname@example.org for more information.
The CEN staff is one of the most knowledgeable service staff we have encountered, are solution oriented and they always find the most economical solutions to resolving our issues. Most important they are most timely in the resolution of our problems. We would certainly recommend their services to any company.”
(877) 239 1219