Hello Dear Customer says phishing email
It has been a busy week for crafters of PayPal phishing emails. We may start referring to this week as the “PayPal phishing week”.
As Figure A shows, this phishing email advises the recipient to reset their PayPal account. The email is moderately complex. There is a PayPal logo in the left hand corner. A heading titled “Update your account information” precedes the greeting. The greeting is “Hello Dear customer”.
The Sender of the email is “PaypaI Service”. Note that the last letter is I. Also note that the second p is lowercase. This is a significant variation from the genuine PayPal spelling. There is one link in the email. This link uses the anchor text “Reset your account now”. A basic copyright imprimatur is at the foot of the email.
The email implies that the recipient’s PayPal account is restricted. Restrictions are a valid action performed by PayPal. This phishing email is using a valid reason. The actions required to lift restrictions are presented in two simple steps.
The first step is to click on the link. This will open a website in the user’s browser. The second step is to enter personal details into the website. This allows verification that the recipient is the account owner.
This is yet another scam email. Once again, there are three big signs that this is a scam email. The first sign is the email greeting. Emails from PayPal are personalized, not “Hello Dear customer”. The second sign is the clumsy grammar. The third sign is the link. The link does not go to PayPal. Mousing over the link shows that it leads to a malicious site. Malicious sites vary in their purpose.
This one steals user PayPal credentials and information. Some malicious sites also serve malware via drive by downloads. Irrespective of the purpose, this email is a scam.