Fake PayPal email uses eBay phishing bait

Fake PayPal email uses eBay phishing bait

PayPal phishing emails listing a fake eBay purchase are being used as phishing bait in the latest round of scam emails doing the rounds. The fake PayPal emails are very realistic in appearance; we have reproduced one such email in Figure A.

MailShark Fake PayPal email uses eBay phishing bait
Figure A – Click to Enlarge

PayPal phishing emails are not new, of course. We published details of one such email back in December. This latest phishing campaign is a renewed assault on PayPal users.

As can be seen in Figure A, the email is quite realistic. It uses the current PayPal logos and has a bottom line that includes that standard information, including a copyright imprimatur and an Australian Business Number (ABN).

The subject line of the email is “Receipt for Your Payment to AU-AdCommerce-EOM” or similar, whilst the sender is listed as Paypal. The text of the email informs the user that they have paid $82.81 AUD to eBay. There is a receipt number listed. The email is supposedly from PayPal Australia.

Under the payment information is a heading “Issues with this transaction?” A link is provided in this section if the user believes the transaction is fraudulent. This is the bait. The email is designed to elicit a response from the recipient by playing on the fear of having an account (such as PayPal) hacked and money stolen.

Whilst the email looks realistic, there are some mistakes. Towards the bottom of the email is a standard section that states (in part), “log in to you PayPal account and click Help”. Usually the “Help” would be a link; there is no link in this case. Similarly, the last sentence in the email reads (in part), “go to your Profile and click “My Settings”. Once again, there is no link.

Aside from the mistakes, the email is also not personalised. The sole link contained in the email leads to a realistic looking phishing site; indeed, the link itself contains paypal in the domain name, although the remainder of the domain name is gibberish.

This email is bogus; if you do receive it, delete it.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service

Share This Post

Post Comment