Beware of Paypal Spoofs Bearing Scary Warnings  

The email in your inbox is from “PayPal Security.” The even scarier subject is “Notice: Login Attempt from unknown device.” It reads, “Dear User, Your PayPal Account was accessed from Auckland, New Zealand.” It gives the date and New Zealand Standard Time and a description of the web browser.

Paypal Spoofing

It wasn’t you, right? In that case, the next thing you need to do, according to this timely warning, is “Please Sign In to Your Papal Account and Verify Your Account. (Or just disregard, if it was you.) In addition to a link attached to the aforementioned “Sign In,” there is another convenient “Click Here to Sign In to Your PayPal Account” right above the courteous complimentary close “Best Regard (sic), PayPal Support.”

The email has all the logos you’d expect on a PayPal notice, and an unsophisticated user might panic at the warning. But it’s a fake, a phishing scam, really.

Let’s take a look at the email itself. A close investigation will show why you should stay composed and avoid the temptation to click on the “Sign In,” because it definitely won’t navigate you to your PayPal account.

You will be taken to a fake web page where you’ll be asked to fill out a form disclosing your user name, password, and other identifying information — whereupon some scammer now has custody of your PayPal account and all the financial and personal information it holds.

Here are the telltale signs this email is a fake.

1. PayPal — or any other financial organization — will never send such an email notice. PayPal never asks its customers is to do any of the following:

  • download a form or file to resolve an issue
  • verify an account using personal, bank account, or credit card information
  • provide security question answers without displaying each security question you created

2. The email is addressed to “Dear User.” PayPal will send the email to you by name. Never trust an email that is also addressed to “undisclosed recipients.” It is likewise a fake.

3. The email has some minor, though telling, capitalization and English usage glitches:

  • The subject line capitalizes Login and Attempt, but not the words unknown device. There is also a period at the end of the subject line, which is not standard usage.
  • First line of the text has inappropriate capitalization and refers to PayPal as “Paypal.”
  • The text sentence begins with the somewhat strange wording “If it is you who has accessed…” It’s not ungrammatical, but it reads as overly stiff, as if the writer knew how to write in English, but wasn’t all that good at speaking it.
  • Finally, the complimentary close “Best Regard” indicates that whomever wrote the email was either a poor proofreader or definitely not a native English speaker. (These phishing scams typically originate from overseas.)

If you receive a suspicious PayPal-labeled email, do not click on any of the links. Sign into your PayPal account the way you usually do and see if there is anything amiss. Frequently, phishing scammers will claim that your account has been frozen pending resolution of the problem. If you can sign on as usual…well, you get the picture.

Also, before you delete the suspicious email, forward it to spoof@paypal.com. You will receive an automated reply immediately thanking you for helping them to shut down those fake websites.

Read more about phishing scams impersonating PayPal in this piece by Dean Alvarez on ITProPortal’s Security News.

Want to learn more on how to protect you or your company from cyber attacks and other dangers lurking in the dark web? {company} is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at {phone} or send us an email at {email} for more information.

Connect With Your New York City IT Team