PayPal Online Access Blocked
“Unfortunately, your online access has been blocked.” Thus reads the opening line of the latest PayPal phishing email. The reason given is out of date PayPal billing records. The consequences are predictable: your account will be suspended. But fear not; clicking on the embedded link will solve the problem. It will lead to “instant activation”. The email is a fake.
Figure A shows the email. The email sender is “PayPal Customer Support”, but the email domain is not PayPal. It is a malicious s domain. The subject line reads “Important Update Required In Your Paypal Account”. A copy of the PayPal logo is in the top left hand corner of the email. The greeting is “Dear Paypal Member”. A single link embedded in the email uses the anchor text “Verify Your Account”. There is a short footer containing copyright information. The email has high priority.
The emails state that an update to the customer’s billing information is required. The link provided will allow the recipient to verify their PayPal account. Non-compliance with the email request will lead to account suspension (according to the email). The email states that the user must enter their login information on the website.
This email uses a combination of methods to trick the recipient. The priority of the email is set to high, which may bounce the email up in the recipient’s mind. The other method is the text of the email. Stating that the user’s account can be suspended for non-compliance with the request adds a menacing tone to the email. The email is a call for action.
There are signs that this email is false. Many people would read through the email and spot the punctuation errors. There are several spelling errors. The greeting is generic. PayPal will use a personalized greeting. Finally, the link is a link to a malicious site. It does not link to PayPal. The malicious site steals PayPal user logins and passwords. The intent is to commit fraud.