Yesterday, I have received an email from PayPal – at least it appeared so at first glance – about limiting my PayPal account and that the PayPal system detected unusual charges to a credit card linked to my PayPal account. Since I found out immediately that it is a phishing email, I want to share this with you and give some advice how to avoid being caught in a phishing trap.

First of all I noticed that my PayPal account was not linked to the email address at which I received the PayPal notification email. I also noticed, that I received the email from paypal@service, which is kind of weird, isn’t it? It should have been sent from the paypal.com domain (actually they send such emails from service@paypal.com), not from services.com and also, this mail was sent to several other undisclosed users, which is not common behavior of PayPal emails and notifications: Especially when they are talking about a violation!

The email looked very authentic, however, there was the email address, which I have recognized that is not official and also the link in the email body – “Click here to activate your account” – which led to http://petshotzinc.com/usa/ which has nothing to do with PayPal, also when you Google this site, you will get some links from PhishTank and no official or reasonable results and resources which would assure you to go there and do something with your PayPal account. Luckily, when I launched this site, I didn’t get a “spoof” website, which is also a common practice of phishing emails, but I did get a warning from Google – “Suspected phishing site”. Phishing emails try to simulate the same site which is used for changing passwords or changing your account details, but only on a different domain, so if you do not pay attention, you can get caught in their phishing trap. Here is the screenshot of the phishing email, I have received:

Phishing email

Phishing email

Here are some instructions from PayPal on how to spot a fake email:

  1. Sender’s address – the “From” line may include an official-looking address that mimics a genuine one. It’s easy to alter the sender’s email address – so don’t trust it.
  2. Generic greetings – be wary of impersonal greetings like “Dear User,” or your email address. A legitimate PayPal email will always greet you by your first and last name.
  3. Typos/Poor grammar – emails sent by well-known companies are almost always free of misspellings and grammatical errors.
  4. False sense of urgency – many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
  5. Fake links – these may look real, but they can lead you astray. Check where a link is going before you click by hovering over the URL in an email, and comparing it to the URL in the browser. If it looks suspicious, don’t click.
  6. Attachments – A real email from PayPal will never include an attachment or software. Because they can contain spyware or viruses, you should never open an attachment unless you are 100% sure it’s legitimate.

Here is the official Guide to Phishing from PayPal, where you can learn how to avoid the phishing emails and how to recognize them.

However, phishing emails come from various vendors – eBay, Amazon, Google, Twitter, Facebook, banks and many others! Be aware, be careful and always read the emails, take some time to investigate if the email is real and that it isn’t a phishing email or scam. A couple of easy steps can save you from lot of problems like stolen identity, loss of money, etc.